Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2023-26604

systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. (CVE-2023-26604)

Source

ALAS2-2023-2004

Amazon Linux 2 Security Advisory: ALAS-2023-2004
Advisory Release Date: 2023-03-30 18:55 Pacific
Advisory Updated Date: 2023-04-04 22:09 Pacific

Severity: Important

References: CVE-2023-26604
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output. (CVE-2023-26604)

Affected Packages:

systemd

Issue Correction:
Run yum update systemd to update your system.

New Packages:

aarch64:
    systemd-219-78.amzn2.0.22.aarch64
    systemd-libs-219-78.amzn2.0.22.aarch64
    systemd-devel-219-78.amzn2.0.22.aarch64
    systemd-sysv-219-78.amzn2.0.22.aarch64
    systemd-python-219-78.amzn2.0.22.aarch64
    libgudev1-219-78.amzn2.0.22.aarch64
    libgudev1-devel-219-78.amzn2.0.22.aarch64
    systemd-journal-gateway-219-78.amzn2.0.22.aarch64
    systemd-networkd-219-78.amzn2.0.22.aarch64
    systemd-resolved-219-78.amzn2.0.22.aarch64
    systemd-debuginfo-219-78.amzn2.0.22.aarch64

i686:
    systemd-219-78.amzn2.0.22.i686
    systemd-libs-219-78.amzn2.0.22.i686
    systemd-devel-219-78.amzn2.0.22.i686
    systemd-sysv-219-78.amzn2.0.22.i686
    systemd-python-219-78.amzn2.0.22.i686
    libgudev1-219-78.amzn2.0.22.i686
    libgudev1-devel-219-78.amzn2.0.22.i686
    systemd-journal-gateway-219-78.amzn2.0.22.i686
    systemd-networkd-219-78.amzn2.0.22.i686
    systemd-resolved-219-78.amzn2.0.22.i686
    systemd-debuginfo-219-78.amzn2.0.22.i686

src:
    systemd-219-78.amzn2.0.22.src

x86_64:
    systemd-219-78.amzn2.0.22.x86_64
    systemd-libs-219-78.amzn2.0.22.x86_64
    systemd-devel-219-78.amzn2.0.22.x86_64
    systemd-sysv-219-78.amzn2.0.22.x86_64
    systemd-python-219-78.amzn2.0.22.x86_64
    libgudev1-219-78.amzn2.0.22.x86_64
    libgudev1-devel-219-78.amzn2.0.22.x86_64
    systemd-journal-gateway-219-78.amzn2.0.22.x86_64
    systemd-networkd-219-78.amzn2.0.22.x86_64
    systemd-resolved-219-78.amzn2.0.22.x86_64
    systemd-debuginfo-219-78.amzn2.0.22.x86_64

Additional References

Red Hat: CVE-2023-26604

Mitre: CVE-2023-26604

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS2-2023-2004

ALAS2-2023-2004

Additional References

Vulmon Search

About

Products

Connect