openSUSE-SU-2021:2404-1

Опубликовано: 20 июл. 2021

Источник: suse-cvrf

Описание

Security update for systemd

This update for systemd fixes the following issues:

CVE-2021-33910: Fixed a denial of service in systemd via unit_name_path_escape() (bsc#1188063)
Skip udev rules if 'elevator=' is used (bsc#1184994)

Список пакетов

openSUSE Leap 15.3

systemd-bash-completion-234-24.90.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QZX3NUVJOV7AC5ZERG2JQFSEIIX6QJXR/
E-Mail link for openSUSE-SU-2021:2404-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1184994
SUSE Bug 1184994
https://bugzilla.suse.com/1188063
SUSE Bug 1188063
https://www.suse.com/security/cve/CVE-2021-33910/
SUSE CVE CVE-2021-33910 page

Описание

basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.

Затронутые продукты

openSUSE Leap 15.3:systemd-bash-completion-234-24.90.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-33910.html
CVE-2021-33910
https://bugzilla.suse.com/1188062
SUSE Bug 1188062
https://bugzilla.suse.com/1188063
SUSE Bug 1188063

openSUSE-SU-2021:2404-1

Описание

Список пакетов

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2021-33910

Описание

Затронутые продукты

Ссылки