Multiple vulnerabilities in Freedesktop systemd
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2013-4391 CVE-2013-4392 CVE-2013-4393 CVE-2013-4394 |
| CWE-ID | CWE-122 CWE-264 CWE-399 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
systemd Server applications / Other server solutions |
| Vendor | Freedesktop.org |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Heap-based buffer overflow
EUVDB-ID: #VU42412
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-4391
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in Integer overflow in the valid_user_field function in journal/journald-native.c in systemd. A remote attacker can use a large journal data field to trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionssystemd: All versions
CPE2.3 External linkshttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
https://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e
https://www.debian.org/security/2013/dsa-2777
https://www.openwall.com/lists/oss-security/2013/10/01/9
https://bugzilla.redhat.com/show_bug.cgi?id=859051
https://security.gentoo.org/glsa/201612-34
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU42413
Risk: Medium
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-4392
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to read and manipulate data.
systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.
MitigationInstall update from vendor's website.
Vulnerable software versionssystemd: All versions
CPE2.3 External linkshttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
https://www.openwall.com/lists/oss-security/2013/10/01/9
https://bugzilla.redhat.com/show_bug.cgi?id=859060
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Resource management error
EUVDB-ID: #VU42414
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2013-4393
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform service disruption.
journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.
MitigationInstall update from vendor's website.
Vulnerable software versionssystemd: All versions
CPE2.3 External linkshttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
https://www.openwall.com/lists/oss-security/2013/10/01/9
https://bugzilla.redhat.com/show_bug.cgi?id=859104
https://security.gentoo.org/glsa/201612-34
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU42415
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2013-4394
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to #BASIC_IMPACT#.
The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."
MitigationInstall update from vendor's website.
Vulnerable software versionssystemd: All versions
CPE2.3 External linkshttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
https://www.debian.org/security/2013/dsa-2777
https://www.openwall.com/lists/oss-security/2013/10/01/9
https://bugzilla.redhat.com/show_bug.cgi?id=862324
https://security.gentoo.org/glsa/201612-34
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
