Vulnerability CVE-2018-16864


Published: 2019-01-11

Description:
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
systemd-journald Memory Corruption / Information Leak
Qualys
10.01.2019

 References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16864
https://www.qualys.com/2019/01/09/system-down/system-down.txt

Copyright 2019, cxsecurity.com

 

Back to Top