SUSE: 2019:0137-1 Important: Systemd Memory Corruption Issues

suse

January 21, 2019

An update that solves four vulnerabilities and has 7 fixes is now available

Summary

This update for systemd provides the following fixes: Security issues fixed: - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323) - CVE-2018-16866: Fixed an information leak in journald (bsc#1120323) - CVE-2018-6954: Fix mishandling of symlinks present in non-terminal path components (bsc#1080919) - Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971) Non-security issues fixed: - pam_systemd: Fix 'Cannot create session: Already running in a session' (bsc#1111498) - systemd-vconsole-setup: vconsole setup fails, fonts will not be copied to tty (bsc#1114933) - systemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple units (bsc#1045723)

Topics Covered

security advisory information leak memory corruption important SUSE systemd swap issue

References

#1005023 #1045723 #1076696 #1080919 #1093753

#1101591 #1111498 #1114933 #1117063 #1119971

#1120323

Cross- CVE-2018-16864 CVE-2018-16865 CVE-2018-16866

CVE-2018-6954

Affected Products:

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

SUSE Linux Enterprise Module for Basesystem 15

https://www.suse.com/security/cve/CVE-2018-16864.html

https://www.suse.com/security/cve/CVE-2018-16865.html

https://www.suse.com/security/cve/CVE-2018-16866.html

https://www.suse.com/security/cve/CVE-2018-6954.html

https://bugzilla.suse.com/1005023

https://bugzilla.suse.com/1045723

https://bugzilla.suse.com/1076696

https://bugzilla.suse.com/1080919

https://bugzilla.suse.com/1093753

https://bugzilla.suse.com/1101591

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2019:0137-1

Rating: important

Topics Covered

security advisory information leak memory corruption important SUSE systemd swap issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2019:0137-1 Important: Systemd Memory Corruption Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2019:0137-1 Important: Systemd Memory Corruption Issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!