
Linux Systemd Affected by New Privilege Escalation Flaws

Most Linux systems are affected by privilege escalation flaws
Security researchers at Qualys have found three security vulnerabilities in the core Linux component that manages system processes after the boot process. The bugs reside in the 'systemd-journald' service, which collects and stores the log data of the Linux system.

Of these three vulnerabilities, two are memory corruption flaws (stack buffer overflow) and one is an out-of-bounds error (information leak). The following CVE IDs have been allocated to the bugs:
  • CVE-2018-16864 - Privilege Escalation
  • CVE-2018-16865 - Privilege Escalation
  • CVE-2018-16866 - Information leak
According to the researchers' note, the discovered vulnerabilities affect all systemd-based Linux distributions, including Red Hat and Debian, but some Linux distros such as SUSE Linux Enterprise 15, openSUSE Leap 15.0, and Fedora 28 and 29 are not affected because their userspace is compiled with GCC's -fstack-clash-protection.

The worst part is that no patch is available yet for the discovered bugs. Only the information leak vulnerability (CVE-2018-16866) has been fixed, on Debian in the unstable systemd 240-1 release.

We have also found a mailing list post which describes the technical details of these bugs.
