SB2016121387 - Gentoo update for systemd 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2016121387

SB2016121387 - Gentoo update for systemd

Published: December 13, 2016 Updated: December 13, 2016

Security Bulletin ID SB2016121387
Severity
Medium
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 67% Low 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Heap-based buffer overflow (CVE-ID: CVE-2013-4391)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in Integer overflow in the valid_user_field function in journal/journald-native.c in systemd. A remote attacker can use a large journal data field to trigger heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Resource management error (CVE-ID: CVE-2013-4393)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.


3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2013-4394)

The vulnerability allows a remote non-authenticated attacker to #BASIC_IMPACT#.

The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."


Remediation

Install update from vendor's website.

References