Monday, September 30, 2019

Linux Systemd Privilege Escalation Vulnerabilities


New Systemd Privilege Escalation Flaws Affect Most Linux Distributions

For most Linux OS, Systemd is a popular init system and service manager. Three vulnerabilities in Systemd have been discovered by the security researchers at Qualys. This vulnerability could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems.

CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866. These vulnerabilities actually resides in "systemd-journald" service that collects information from different sources and creates event logs by logging information in the journal. This vulnerabilities affects all systemd-based Linux distribution, Qualys says. However, SUSE Linux Enterprise 15, openSUSE Leap 15.0, and Fedora 28 and 29 are not affected, as "their userspace [code] is compiled with GCC's -fstack-clash-protection.
The first two flaws are memory corruptions issues, while the third one is an out-of-bounds read issue in systemd-journald that can leak sensitive process memory data.


For more info click here

1 comment: