SUSE: 2019:1364-2 Moderate Security Update for Systemd Access Issues

suse

July 15, 2019

An update that solves four vulnerabilities and has 9 fixes is now available

Summary

This update for systemd fixes the following issues: Security issues fixed: - CVE-2019-3842: Fixed a privilege escalation in pam_systemd which could be exploited by a local user (bsc#1132348). - CVE-2019-6454: Fixed a denial of service via crafted D-Bus message (bsc#1125352). - CVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where services with DynamicUser could gain new privileges or create SUID/SGID binaries (bsc#1133506, bsc#1133509). Non-security issued fixed: - logind: fix killing of scopes (bsc#1125604) - namespace: make MountFlags=shared work again (bsc#1124122) - rules: load drivers only on "add" events (bsc#1126056) - sysctl: Don't pass null directive argument to '%s' (bsc#1121563) - systemd-coredump: generate a stack trace of all core dumps and log into the journal (jsc#SLE-5933)

Topics Covered

security advisory moderate denial of service privilege escalation systemd

References

#1036463 #1121563 #1124122 #1125352 #1125604

#1126056 #1127557 #1130230 #1132348 #1132400

#1132721 #1133506 #1133509

Cross- CVE-2019-3842 CVE-2019-3843 CVE-2019-3844

CVE-2019-6454

Affected Products:

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1

SUSE Linux Enterprise Module for Basesystem 15-SP1

https://www.suse.com/security/cve/CVE-2019-3842.html

https://www.suse.com/security/cve/CVE-2019-3843.html

https://www.suse.com/security/cve/CVE-2019-3844.html

https://www.suse.com/security/cve/CVE-2019-6454.html

https://bugzilla.suse.com/1036463

https://bugzilla.suse.com/1121563

https://bugzilla.suse.com/1124122

https://bugzilla.suse.com/1125352

https://bugzilla.suse.com/1125604

https://bugzilla.suse.com/1126056

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2019:1364-2

Rating: moderate

Topics Covered

security advisory moderate denial of service privilege escalation systemd

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2019:1364-2 Moderate Security Update for Systemd Access Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2019:1364-2 Moderate Security Update for Systemd Access Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!