drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in systemd
Name: |
Mehrere Probleme in systemd |
|
ID: |
USN-3855-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10 |
|
Datum: |
Fr, 11. Januar 2019, 16:27 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16865
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16866 |
|
Applikationen: |
systemd |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============0973669182366475110== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="sibTtU3ta6mY9LTRbe1yZbzu6lUHUbpCa"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --sibTtU3ta6mY9LTRbe1yZbzu6lUHUbpCa Content-Type: multipart/mixed; boundary="m5onwqW5QHaQVgm45gvlK7qSfX05XyHxy"; protected-headers="v1" From: Chris Coulson <chris.coulson@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <e43eef1f-3fad-4f71-f113-9341c5d2e3fe@canonical.com> Subject: [USN-3855-1] systemd vulnerabilities
--m5onwqW5QHaQVgm45gvlK7qSfX05XyHxy Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable Content-Language: en-US
========================================================================== Ubuntu Security Notice USN-3855-1 January 11, 2019
systemd vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in systemd.
Software Description: - systemd: system and service manager
Details:
It was discovered that systemd-journald allocated variable-length buffers for certain message fields on the stack. A local attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2018-16864)
It was discovered that systemd-journald allocated variable-length arrays of objects representing message fields on the stack. A local attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. (CVE-2018-16865)
An out-of-bounds read was discovered in systemd-journald. A local attacker could potentially exploit this to obtain sensitive information and bypass ASLR protections. (CVE-2018-16866)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10: systemd 239-7ubuntu10.6
Ubuntu 18.04 LTS: systemd 237-3ubuntu10.11
Ubuntu 16.04 LTS: systemd 229-4ubuntu21.15
After a standard system update you need to reboot your computer to make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3855-1 CVE-2018-16864, CVE-2018-16865, CVE-2018-16866
Package Information: https://launchpad.net/ubuntu/+source/systemd/239-7ubuntu10.6 https://launchpad.net/ubuntu/+source/systemd/237-3ubuntu10.11 https://launchpad.net/ubuntu/+source/systemd/229-4ubuntu21.15
--m5onwqW5QHaQVgm45gvlK7qSfX05XyHxy--
--sibTtU3ta6mY9LTRbe1yZbzu6lUHUbpCa Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEERN//5MGgCOgyKeIFYR+97NWUbg8FAlw4p/AACgkQYR+97NWU bg8jGwf+MHGb6GfgGu15xS3cIOjSyCVPxI0MyA936/LPCoDVG4PWkGUPihjgloni TYH/BEifI0sciEdUduzvTPGjVYvZMzveBbO/pHsvNfI6LCnNuiraI81lMNiQGEOe imNP2gbAgnGHnItot69GokDhIors6Fsr5CD2/Ij5AkhsF7crUwxWX0rMb99HEFWD f5A8XvDIkMdP62mP1P50w4Evyirwj8ww0Fahm8g6CZXPA1pgNhPoTLL2/lFJabvW D3f+pkTkaEz36wPK4+LBCYWuesuXOnuRMYUjuwLoRYKWNC0sTtjw2u2yPOR5AKdI YBAD56M11+TeigdXtenFtQz2CAGPYg== =bJkU -----END PGP SIGNATURE-----
--sibTtU3ta6mY9LTRbe1yZbzu6lUHUbpCa--
--===============0973669182366475110== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============0973669182366475110==--
|
|
|
|