Vulnerability CVE-2018-16865


Published: 2019-01-11

Description:
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
systemd-journald Memory Corruption / Information Leak
Qualys
10.01.2019

 References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16865
https://www.qualys.com/2019/01/09/system-down/system-down.txt

Copyright 2019, cxsecurity.com

 

Back to Top