Описание
Security update for systemd
This update for systemd fixes the following issues:
-
CVE-2021-33910: Fixed use of strdupa() on a path (bsc#1188063).
-
logind: terminate cleanly on SIGTERM/SIGINT (bsc#1188018).
-
Adopting BFQ to control I/O (jsc#SLE-21032, bsc#1134353).
-
Rules weren't applied to dm devices (multipath) (bsc#1188713).
-
Ignore obsolete 'elevator' kernel parameter (bsc#1184994, bsc#1190234).
-
Make sure the versions of both udev and systemd packages are always the same (bsc#1189480).
-
Avoid error message when udev is updated due to udev being already active when the sockets are started again (bsc#1188291).
-
Allow the systemd sysusers config files to be overriden during system installation (bsc#1171962).
Список пакетов
openSUSE Leap 15.3
Ссылки
- E-Mail link for openSUSE-SU-2021:3348-1
- SUSE Security Ratings
- SUSE Bug 1134353
- SUSE Bug 1171962
- SUSE Bug 1184994
- SUSE Bug 1188018
- SUSE Bug 1188063
- SUSE Bug 1188291
- SUSE Bug 1188713
- SUSE Bug 1189480
- SUSE Bug 1190234
- SUSE CVE CVE-2021-33910 page
Описание
basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.
Затронутые продукты
Ссылки
- CVE-2021-33910
- SUSE Bug 1188062
- SUSE Bug 1188063