Explore top 10 tips to secure your open-source projects now. Read More
×
CVE-2017-18078
systemd-tmpfiles in systemd attempted to support ownership/permission
changes on hardlinked files even if the fs.protected_hardlinks sysctl
is turned off, which allowed local users to bypass intended access
restrictions via vectors involving a hard link to a file for which
the user lacked write access.
CVE-2019-3842
It was discovered that pam_systemd did not properly sanitize the
environment before using the XDG_SEAT variable. It was possible for
an attacker, in some particular configurations, to set a XDG_SEAT
environment variable which allowed for commands to be checked against
polkit policies using the "allow_active" element rather than
"allow_any".
For Debian 8 "Jessie", these problems have been fixed in version
215-17+deb8u12.
We recommend that you upgrade your systemd packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
Get the latest Linux and open source security news straight to your inbox.