[sf-lug] systemd and memory corruption...

Ken Shaffer kenshaffer80 at gmail.com
Tue Jan 22 08:39:02 PST 2019


Maybe the week you lost contact, Bobbie.  Ubuntu patches were out Jan 11,
and Rick commented.
Just to repeat the vulnerabilities and fixed package from the earlier Jan
11 post:

systemd (237-3ubuntu10.11) bionic-security; urgency=medium

  * SECURITY UPDATE: memory corruption in journald via attacker controlled
    alloca
    - debian/patches/CVE-2018-16864.patch: journald: do not store the iovec
      entry for process commandline on the stack
    - CVE-2018-16864
  * SECURITY UPDATE: memory corruption in journald via attacker controlled
    alloca
    - debian/patches/CVE-2018-16865_1.patch: journald: set a limit on the
      number of fields (1k)
    - debian/patches/CVE-2018-16865_2.patch: journal-remote: set a limit on
      the number of fields in a message
    - CVE-2018-16865
  * SECURITY UPDATE: out-of-bounds read in journald
    - debian/patches/CVE-2018-16866.patch: journal: fix
      syslog_parse_identifier()
    - CVE-2018-16866

Ken

On Tue, Jan 22, 2019 at 8:27 AM Bobbie Sellers <bliss-sf4ever at dslextreme.com>
wrote:

> Hi LUGers,
>
>     Well some of us knew in our hearts that systemd was
> an evil scheme.  ;^)    I found this on the Usenet in a
> Linux newsgroup, comp.os.linux.misc.  ;^|
>
>
> <https://www.bleepingcomputer.com/news/security/linux-systemd-affected-by-memory-corruption-vulnerabilities-no-patches-yet/>
>
>     I haven't had time to read the full article at the site.
>     Rick can probably comment better than I on the article
> and its assertions.
>
>     Bobbie Sellers
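
The two hardening measures named in the changelog quoted in this thread (keeping the iovec array off the stack and capping a message at 1k fields), as an added C illustration that is not systemd's patch and not code from the thread. `split_fields`, `demo_count`, `ENTRY_FIELDS_MAX` and the newline-separated `KEY=VALUE` input format are assumptions made for the example.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <sys/uio.h>

/* Cap taken from the changelog text: "set a limit on the number of fields (1k)". */
#define ENTRY_FIELDS_MAX 1024

/* Hypothetical helper: split a newline-separated "KEY=VALUE" buffer into iovecs.
 * The array lives on the heap and grows geometrically, so a sender-chosen field
 * count never sizes a stack allocation (the alloca pattern the changelog names).
 * Returns the field count, -E2BIG past the cap, or -ENOMEM. Caller frees *out. */
static int split_fields(char *msg, size_t len, struct iovec **out) {
    struct iovec *iov = NULL;
    size_t n = 0, cap = 0;
    char *p = msg, *end = msg + len;
    *out = NULL;
    while (p < end) {
        char *nl = memchr(p, '\n', (size_t)(end - p));
        size_t flen = nl ? (size_t)(nl - p) : (size_t)(end - p);
        if (flen > 0) {                      /* skip empty lines */
            if (n >= ENTRY_FIELDS_MAX) { free(iov); return -E2BIG; }
            if (n == cap) {
                size_t ncap = cap ? cap * 2 : 16;
                struct iovec *tmp = realloc(iov, ncap * sizeof *tmp);
                if (!tmp) { free(iov); return -ENOMEM; }
                iov = tmp; cap = ncap;
            }
            iov[n++] = (struct iovec){ .iov_base = p, .iov_len = flen };
        }
        if (!nl) break;
        p = nl + 1;
    }
    *out = iov;
    return (int)n;
}

/* Constructed input: a message made of `fields` copies of "F=1\n". */
static int demo_count(size_t fields) {
    struct iovec *iov;
    char *msg = malloc(fields * 4 + 1);
    if (!msg) return -ENOMEM;
    for (size_t i = 0; i < fields; i++) memcpy(msg + i * 4, "F=1\n", 4);
    int r = split_fields(msg, fields * 4, &iov);
    free(iov); free(msg);
    return r;
}

int main(void) { return demo_count(1025) == -E2BIG ? 0 : 1; }
```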