CVE-2018-15688

Published: 26/10/2018 | Updated: 31/01/2022
CVSS v2 Base Score: 5.8 | Impact Score: 6.4 | Exploitability Score: 6.5
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 516
Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.

Vulnerable Product

systemd project systemd

debian debian linux 8.0

canonical ubuntu linux 16.04

canonical ubuntu linux 18.10

canonical ubuntu linux 18.04

redhat enterprise linux desktop 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux server aus 7.6

redhat enterprise linux server eus 7.6

redhat enterprise linux server tus 7.6

redhat enterprise linux server 7.0

Vendor Advisories

Synopsis: Important: systemd security update. Type/Severity: Security Advisory: Important. Topic: An update for systemd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis: Important: NetworkManager security update. Type/Severity: Security Advisory: Important. Topic: An update for NetworkManager is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVS ...
Debian Bug report logs - #912007. systemd: CVE-2018-15687: chown_one() can dereference symlinks. Package: src:systemd; Maintainer for src:systemd is Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat, 27 Oct 2018 07:57:02 UTC; Sev ...
Debian Bug report logs - #912008. systemd: CVE-2018-15688: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling. Package: src:systemd; Maintainer for src:systemd is Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Sat ...
NetworkManager could be made to crash or run programs if it received specially crafted network traffic ...
systemd-networkd could be made to crash or run programs if it received specially crafted network traffic ...
It was discovered that systemd-network does not correctly keep track of a buffer size when constructing DHCPv6 packets. This flaw may lead to an integer underflow that can be used to produce a heap-based buffer overflow. A malicious host on the same network segment as the victim's one may advertise itself as a DHCPv6 server and exploit this flaw t ...
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges (CVE-2018-16864). It was discovered that systemd-network does ...
An out-of-bounds write has been found in the dhcpv6 option handling code of systemd-networkd up to and including v239. It was discovered that systemd-network does not correctly keep track of a buffer size in the dhcp6_option_append_ia() function, when constructing DHCPv6 packets. This flaw may lead to an integer underflow that can be used to produ ...

Github Repositories

Hydra CI API library for Haskell

Hydra CI API for Haskell. This project was started as an experiment to build a metric database for all derivations in hydra.nixos.org but then diverged to a reusable Haskell library. For example, to get project details for "nixos": > getProject "nixos" Project {displayName = "NixOS", description = "NixOS, the purely functional Linux distr