Filtered by vendor Systemd Project
Subscriptions
Filtered by product Systemd
Subscriptions
Total
47 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-7796 | 3 Novell, Redhat, Systemd Project | 11 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Server For Sap and 8 more | 2025-04-12 | N/A |
| The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled. | ||||
| CVE-2012-0871 | 2 Opensuse, Systemd Project | 2 Opensuse, Systemd | 2025-04-12 | N/A |
| The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/. | ||||
| CVE-2016-7795 | 3 Canonical, Redhat, Systemd Project | 4 Ubuntu Linux, Enterprise Linux, Rhel Eus and 1 more | 2025-04-12 | N/A |
| The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket. | ||||
| CVE-2013-4393 | 1 Systemd Project | 1 Systemd | 2025-04-11 | N/A |
| journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor. | ||||
| CVE-2013-4392 | 1 Systemd Project | 1 Systemd | 2025-04-11 | N/A |
| systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files. | ||||
| CVE-2013-4327 | 3 Canonical, Debian, Systemd Project | 3 Ubuntu Linux, Debian Linux, Systemd | 2025-04-11 | N/A |
| systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288. | ||||
| CVE-2013-4394 | 2 Debian, Systemd Project | 2 Debian Linux, Systemd | 2025-04-11 | N/A |
| The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters." | ||||
| CVE-2013-4391 | 2 Debian, Systemd Project | 2 Debian Linux, Systemd | 2025-04-11 | N/A |
| Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow. | ||||
| CVE-2023-26604 | 2 Redhat, Systemd Project | 4 Enterprise Linux, Rhel Els, Rhel Eus and 1 more | 2025-03-07 | 7.8 High |
| systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. | ||||
| CVE-2023-31437 | 1 Systemd Project | 1 Systemd | 2025-01-03 | 5.3 Medium |
| An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." | ||||
| CVE-2017-9217 | 1 Systemd Project | 1 Systemd | 2024-12-13 | 7.5 High |
| systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty question section. | ||||
| CVE-2023-7008 | 3 Debian, Redhat, Systemd Project | 4 Debian Linux, Cryostat, Enterprise Linux and 1 more | 2024-11-23 | 5.9 Medium |
| A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records. | ||||
| CVE-2023-31439 | 1 Systemd Project | 1 Systemd | 2024-11-21 | 5.3 Medium |
| An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." | ||||
| CVE-2023-31438 | 1 Systemd Project | 1 Systemd | 2024-11-21 | 5.3 Medium |
| An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability." | ||||
| CVE-2022-4415 | 2 Redhat, Systemd Project | 3 Enterprise Linux, Rhel Eus, Systemd | 2024-11-21 | 5.5 Medium |
| A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting. | ||||
| CVE-2022-45873 | 3 Fedoraproject, Redhat, Systemd Project | 3 Fedora, Enterprise Linux, Systemd | 2024-11-21 | 5.5 Medium |
| systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file. | ||||
| CVE-2022-3821 | 3 Fedoraproject, Redhat, Systemd Project | 4 Fedora, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 5.5 Medium |
| An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service. | ||||
| CVE-2022-2526 | 3 Netapp, Redhat, Systemd Project | 14 Active Iq Unified Manager, H300s, H300s Firmware and 11 more | 2024-11-21 | 9.8 Critical |
| A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later. | ||||
| CVE-2021-3997 | 3 Fedoraproject, Redhat, Systemd Project | 3 Fedora, Enterprise Linux, Systemd | 2024-11-21 | 5.5 Medium |
| A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp. | ||||
| CVE-2021-33910 | 5 Debian, Fedoraproject, Netapp and 2 more | 8 Debian Linux, Fedora, Hci Management Node and 5 more | 2024-11-21 | 5.5 Medium |
| basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash. | ||||