systemd project systemd 17 vulnerabilities and exploits

(subscribe to this query)

systemd 242 changes the VT1 mode upon a logout, which allows malicious users to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

Systemd Project Systemd 242 Netapp Cn1610 Firmware -Netapp Solidfire & Hci Management Node -Netapp Snapprotect -

1 Github repository

LightDM up to and including 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate malicious users to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session.

Lightdm Project Lightdm

The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and previous versions, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.

1 Github repository

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook