Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2022:6206

Опубликовано: 29 авг. 2022
Источник: rocky
Оценка: SEVERITY_IMPORTANT

Описание

Important: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
systemdi68658.el8_6.4systemd-239-58.el8_6.4.i686.rpm
systemdx86_6458.el8_6.4systemd-239-58.el8_6.4.x86_64.rpm
systemd-containeri68658.el8_6.4systemd-container-239-58.el8_6.4.i686.rpm
systemd-containerx86_6458.el8_6.4systemd-container-239-58.el8_6.4.x86_64.rpm
systemd-develi68658.el8_6.4systemd-devel-239-58.el8_6.4.i686.rpm
systemd-develx86_6458.el8_6.4systemd-devel-239-58.el8_6.4.x86_64.rpm
systemd-journal-remotex86_6458.el8_6.4systemd-journal-remote-239-58.el8_6.4.x86_64.rpm
systemd-libsi68658.el8_6.4systemd-libs-239-58.el8_6.4.i686.rpm
systemd-libsx86_6458.el8_6.4systemd-libs-239-58.el8_6.4.x86_64.rpm
systemd-pamx86_6458.el8_6.4systemd-pam-239-58.el8_6.4.x86_64.rpm

Показывать по

Связанные CVE

CVE-2022-2526

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2022-2526

CVSS3: 9.8
ubuntu
почти 3 года назад

A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.

redhat логотип

CVE-2022-2526

CVSS3: 9.8
redhat
почти 3 года назад

A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.

nvd логотип

CVE-2022-2526

CVSS3: 9.8
nvd
почти 3 года назад

A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.

debian логотип

CVE-2022-2526

CVSS3: 9.8
debian
почти 3 года назад

A use-after-free vulnerability was found in systemd. This issue occurs ...

redos логотип

ROS-20240403-04

CVSS3: 9.8
redos
около 1 года назад

Уязвимость systemd