ID CVE-2018-15688
Summary A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.
References
Vulnerable Configurations
  • cpe:2.3:a:freedesktop:systemd:239
    cpe:2.3:a:freedesktop:systemd:239
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • Canonical Ubuntu Linux 18.04 LTS Edition
    cpe:2.3:o:canonical:ubuntu_linux:18.04:-:-:-:lts
  • Canonical Ubuntu Linux 18.10
    cpe:2.3:o:canonical:ubuntu_linux:18.10
  • RedHat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  • RedHat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • Red Hat Enterprise Linux Server Advanced mission critical Update Support (AUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
  • Red Hat Enterprise Linux Server Extended Update Support (EUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6
  • Red Hat Enterprise Linux Server Telecommunications Update Service (TUS) 7.6
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
  • RedHat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
CVSS
Base: 7.5
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-3767-2.NASL
    description This update for systemd fixes the following issues : Security issues fixed : CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. (bsc#1113632) CVE-2018-15686: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. (bsc#1113665) Non-security issues fixed: dhcp6: split assert_return() to be more debuggable when hit core: skip unit deserialization and move to the next one when unit_deserialize() fails core: properly handle deserialization of unknown unit types (#6476) core: don't create Requires for workdir if 'missing ok' (bsc#1113083) logind: use manager_get_user_by_pid() where appropriate logind: rework manager_get_{user|session}_by_pid() a bit login: fix user@.service case, so we don't allow nested sessions (#8051) (bsc#1112024) core: be more defensive if we can't determine per-connection socket peer (#7329) socket-util: introduce port argument in sockaddr_port() service: fixup ExecStop for socket-activated shutdown (#4120) service: Continue shutdown on socket activated unit on termination (#4108) (bsc#1106923) cryptsetup: build fixes for 'add support for sector-size= option' udev-rules: IMPORT cmdline does not recognize keys with similar names (bsc#1111278) core: keep the kernel coredump defaults when systemd-coredump is disabled core: shorten main() a bit, split out coredump initialization core: set RLIMIT_CORE to unlimited by default (bsc#1108835) core/mount: fstype may be NULL journald: don't ship systemd-journald-audit.socket (bsc#1109252) core: make 'tmpfs' dependencies on swapfs a 'default' dep, not an 'implicit' (bsc#1110445) mount: make sure we unmount tmpfs mounts before we deactivate swaps (#7076) tmp.mount.hm4: After swap.target (#3087) Ship systemd-sysv-install helper via the main package This script was part of systemd-sysvinit sub-package but it was wrong since systemd-sysv-install is a script used to redirect enable/disable operations to chkconfig when the unit targets are sysv init scripts. Therefore it's never been a SySV init tool. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-11
    plugin id 119575
    published 2018-12-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119575
    title SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2018:3767-2)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-3665.NASL
    description From Red Hat Security Advisory 2018:3665 : An update for NetworkManager is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Security Fix(es) : * systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Ubuntu Security Team for reporting this issue. Upstream acknowledges Felix Wilhelm (Google) as the original reporter.
    last seen 2019-02-21
    modified 2018-12-11
    plugin id 119248
    published 2018-11-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119248
    title Oracle Linux 7 : NetworkManager (ELSA-2018-3665)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-71D85BC8CD.NASL
    description dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120524
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120524
    title Fedora 29 : 1:NetworkManager (2018-71d85bc8cd)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-7243F31304.NASL
    description - ifcfg: fix crash parsing DNS entries (rh #1607866) - dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120527
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120527
    title Fedora 28 : 1:NetworkManager (2018-7243f31304)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-1_0-0193_SYSTEMD.NASL
    description An update of the systemd package has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 121894
    published 2019-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121894
    title Photon OS 1.0: Systemd PHSA-2018-1.0-0193
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201810-10.NASL
    description The remote host is affected by the vulnerability described in GLSA-201810-10 (systemd: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly execute arbitrary code, cause a Denial of Service condition, or gain escalated privileges. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-12-11
    plugin id 118510
    published 2018-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118510
    title GLSA-201810-10 : systemd: Multiple vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-24BD6C9D4A.NASL
    description - Fix a local vulnerability from a race condition in chown-recursive (CVE-2018-15687, #1643367) - Fix a local vulnerability from invalid handling of long lines in state deserialization (CVE-2018-15686, #1643372) - Fix a remote vulnerability in DHCPv6 in systemd-networkd (CVE-2018-15688, #1643362) - Downgrade logging of various messages and add loging in other places - Many many fixes in error handling and minor memory leaks and such - Fix typos and omissions in documentation - Various smaller improvements to unit ordering and dependencies - Handling of invalid (intentionally corrupt) dbus messages is improved, fixing potential local DOS avenues - The target of symlinks links in .wants/ and .requires/ is now ignored. This fixes an issue where the unit file would sometimes be loaded from such a symlink, leading to non-deterministic unit contents. - Filtering of kernel threads is improved. This fixes an issues with newer kernels where hybrid kernel/user threads are used by bpfilter. - Catalog entries for the journal are improved (#1639482) No need to reboot or log out. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120295
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120295
    title Fedora 28 : systemd (2018-24bd6c9d4a)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-C402EEA18B.NASL
    description - Fix a local vulnerability from a race condition in chown-recursive (CVE-2018-15687, #1639076) - Fix a local vulnerability from invalid handling of long lines in state deserialization (CVE-2018-15686, #1639071) - Fix a remote vulnerability in DHCPv6 in systemd-networkd (CVE-2018-15688, #1639067) - The DHCP server is started only when link is UP - DHCPv6 prefix delegation is improved - Downgrade logging of various messages and add loging in other places - Many many fixes in error handling and minor memory leaks and such - Fix typos and omissions in documentation - Typo in %%_environmnentdir rpm macro is fixed (with backwards compatibility preserved) - Matching by MACAddress= in systemd-networkd is fixed - Creation of user runtime directories is improved, and the user manager is only stopped after 10 s after the user logs out (#1642460 and other bugs) - systemd units systemd-timesyncd, systemd-resolved, systemd-networkd are switched back to use DynamicUser=0 - Aliases are now resolved when loading modules from pid1. This is a (redundant) fix for a brief kernel regression. - 'systemctl --wait start' exits immediately if no valid units are named - zram devices are not considered as candidates for hibernation - ECN is not requested for both in- and out-going connections (the sysctl overide for net.ipv4.tcp_ecn is removed) - Various smaller improvements to unit ordering and dependencies - generators are now called with the manager's environment - Handling of invalid (intentionally corrupt) dbus messages is improved, fixing potential local DOS avenues - The target of symlinks links in .wants/ and .requires/ is now ignored. This fixes an issue where the unit file would sometimes be loaded from such a symlink, leading to non-deterministic unit contents. - Filtering of kernel threads is improved. This fixes an issues with newer kernels where hybrid kernel/user threads are used by bpfilter. - 'noresume' can be used on the kernel command line to force normal boot even if a hibernation images is present - Hibernation is not advertised if resume= is not present on the kernenl command line - Hibernation/Suspend/... modes can be disabled using AllowSuspend=, AllowHibernation=, AllowSuspendThenHibernate=, AllowHybridSleep= - LOGO= and DOCUMENTATION_URL= are documented for the os-release file - The hashmap mempool is now only used internally in systemd, and is disabled for external users of the systemd libraries - Additional state is serialized/deserialized when logind is restarted, fixing the handling of user objects - Catalog entries for the journal are improved (#1639482) - If suspend fails, the post-suspend hooks are still called. - Various build issues on less-common architectures are fixed No need to reboot or log out. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120769
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120769
    title Fedora 29 : systemd (2018-c402eea18b)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-FC3018B1BD.NASL
    description dhcp: fix out-of-bounds heap write for DHCPv6 with internal plugin (CVE-2018-15688) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-11
    plugin id 119009
    published 2018-11-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119009
    title Fedora 27 : 1:NetworkManager (2018-fc3018b1bd)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3807-1.NASL
    description Felix Wilhelm discovered that the NetworkManager internal DHCPv6 client incorrectly handled certain DHCPv6 messages. In non-default configurations where the internal DHCP client is enabled, an attacker on the same network could use this issue to cause NetworkManager to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-11
    plugin id 118751
    published 2018-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118751
    title Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : network-manager vulnerability (USN-3807-1)
  • NASL family Amazon Linux Local Security Checks
    NASL id AL2_ALAS-2019-1144.NASL
    description It was discovered that systemd-network does not correctly keep track of a buffer size when constructing DHCPv6 packets. This flaw may lead to an integer underflow that can be used to produce an heap-based buffer overflow. A malicious host on the same network segment as the victim's one may advertise itself as a DHCPv6 server and exploit this flaw to cause a Denial of Service or potentially gain code execution on the victim's machine.(CVE-2018-15688)
    last seen 2019-02-21
    modified 2019-01-10
    plugin id 121053
    published 2019-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121053
    title Amazon Linux 2 : NetworkManager (ALAS-2019-1144)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1580.NASL
    description systemd was found to suffer from multiple security vulnerabilities ranging from denial of service attacks to possible root privilege escalation. CVE-2018-1049 A race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted. CVE-2018-15686 A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. CVE-2018-15688 A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd, which is not enabled by default in Debian. For Debian 8 'Jessie', these problems have been fixed in version 215-17+deb8u8. We recommend that you upgrade your systemd packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-11
    plugin id 119039
    published 2018-11-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119039
    title Debian DLA-1580-1 : systemd security update
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-3665.NASL
    description An update for NetworkManager is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Security Fix(es) : * systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Ubuntu Security Team for reporting this issue. Upstream acknowledges Felix Wilhelm (Google) as the original reporter.
    last seen 2019-02-21
    modified 2018-12-14
    plugin id 119664
    published 2018-12-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119664
    title CentOS 7 : NetworkManager (CESA-2018:3665)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20181127_NETWORKMANAGER_ON_SL7_X.NASL
    description Security Fix(es) : - systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688)
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 119249
    published 2018-11-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119249
    title Scientific Linux Security Update : NetworkManager on SL7.x x86_64
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-2_0-0107_SYSTEMD.NASL
    description An update of the systemd package has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 122002
    published 2019-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122002
    title Photon OS 2.0: Systemd PHSA-2018-2.0-0107
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-3767-1.NASL
    description This update for systemd fixes the following issues : Security issues fixed : CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. (bsc#1113632) CVE-2018-15686: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. (bsc#1113665) Non-security issues fixed: dhcp6: split assert_return() to be more debuggable when hit core: skip unit deserialization and move to the next one when unit_deserialize() fails core: properly handle deserialization of unknown unit types (#6476) core: don't create Requires for workdir if 'missing ok' (bsc#1113083) logind: use manager_get_user_by_pid() where appropriate logind: rework manager_get_{user|session}_by_pid() a bit login: fix user@.service case, so we don't allow nested sessions (#8051) (bsc#1112024) core: be more defensive if we can't determine per-connection socket peer (#7329) socket-util: introduce port argument in sockaddr_port() service: fixup ExecStop for socket-activated shutdown (#4120) service: Continue shutdown on socket activated unit on termination (#4108) (bsc#1106923) cryptsetup: build fixes for 'add support for sector-size= option' udev-rules: IMPORT cmdline does not recognize keys with similar names (bsc#1111278) core: keep the kernel coredump defaults when systemd-coredump is disabled core: shorten main() a bit, split out coredump initialization core: set RLIMIT_CORE to unlimited by default (bsc#1108835) core/mount: fstype may be NULL journald: don't ship systemd-journald-audit.socket (bsc#1109252) core: make 'tmpfs' dependencies on swapfs a 'default' dep, not an 'implicit' (bsc#1110445) mount: make sure we unmount tmpfs mounts before we deactivate swaps (#7076) tmp.mount.hm4: After swap.target (#3087) Ship systemd-sysv-install helper via the main package This script was part of systemd-sysvinit sub-package but it was wrong since systemd-sysv-install is a script used to redirect enable/disable operations to chkconfig when the unit targets are sysv init scripts. Therefore it's never been a SySV init tool. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-11
    plugin id 118965
    published 2018-11-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118965
    title SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2018:3767-1)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20190114_SYSTEMD_ON_SL7_X.NASL
    description Security Fix(es) : - systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688) - systemd: stack overflow when calling syslog from a command with long cmdline (CVE-2018-16864) - systemd: stack overflow when receiving many journald entries (CVE-2018-16865)
    last seen 2019-02-21
    modified 2019-01-16
    plugin id 121204
    published 2019-01-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121204
    title Scientific Linux Security Update : systemd on SL7.x x86_64
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-1423.NASL
    description This update for systemd fixes the following issues : Security issues fixed : - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. (bsc#1113632) - CVE-2018-15686: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. (bsc#1113665) Non-security issues fixed : - dhcp6: split assert_return() to be more debuggable when hit - core: skip unit deserialization and move to the next one when unit_deserialize() fails - core: properly handle deserialization of unknown unit types (#6476) - core: don't create Requires for workdir if 'missing ok' (bsc#1113083) - logind: use manager_get_user_by_pid() where appropriate - logind: rework manager_get_{user|session}_by_pid() a bit - login: fix user@.service case, so we don't allow nested sessions (#8051) (bsc#1112024) - core: be more defensive if we can't determine per-connection socket peer (#7329) - socket-util: introduce port argument in sockaddr_port() - service: fixup ExecStop for socket-activated shutdown (#4120) - service: Continue shutdown on socket activated unit on termination (#4108) (bsc#1106923) - cryptsetup: build fixes for 'add support for sector-size= option' - udev-rules: IMPORT cmdline does not recognize keys with similar names (bsc#1111278) - core: keep the kernel coredump defaults when systemd-coredump is disabled - core: shorten main() a bit, split out coredump initialization - core: set RLIMIT_CORE to unlimited by default (bsc#1108835) - core/mount: fstype may be NULL - journald: don't ship systemd-journald-audit.socket (bsc#1109252) - core: make 'tmpfs' dependencies on swapfs a 'default' dep, not an 'implicit' (bsc#1110445) - mount: make sure we unmount tmpfs mounts before we deactivate swaps (#7076) - tmp.mount.hm4: After swap.target (#3087) - Ship systemd-sysv-install helper via the main package This script was part of systemd-sysvinit sub-package but it was wrong since systemd-sysv-install is a script used to redirect enable/disable operations to chkconfig when the unit targets are sysv init scripts. Therefore it's never been a SySV init tool. This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen 2019-02-21
    modified 2018-12-11
    plugin id 119028
    published 2018-11-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119028
    title openSUSE Security Update : systemd (openSUSE-2018-1423)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-3644-1.NASL
    description This update for systemd fixes the following issues : Security issues fixed : CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. (bsc#1113632) CVE-2018-15686: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. (bsc#1113665) Non security issues fixed: dhcp6: split assert_return() to be more debuggable when hit core: skip unit deserialization and move to the next one when unit_deserialize() fails core: properly handle deserialization of unknown unit types (#6476) core: don't create Requires for workdir if 'missing ok' (bsc#1113083) logind: use manager_get_user_by_pid() where appropriate logind: rework manager_get_{user|session}_by_pid() a bit login: fix user@.service case, so we don't allow nested sessions (#8051) (bsc#1112024) core: be more defensive if we can't determine per-connection socket peer (#7329) core: introduce systemd.early_core_pattern= kernel cmdline option core: add missing 'continue' statement core/mount: fstype may be NULL journald: don't ship systemd-journald-audit.socket (bsc#1109252) core: make 'tmpfs' dependencies on swapfs a 'default' dep, not an 'implicit' (bsc#1110445) mount: make sure we unmount tmpfs mounts before we deactivate swaps (#7076) detect-virt: do not try to read all of /proc/cpuinfo (bsc#1109197) emergency: make sure console password agents don't interfere with the emergency shell man: document that 'nofail' also has an effect on ordering journald: take leading spaces into account in syslog_parse_identifier journal: do not remove multiple spaces after identifier in syslog message syslog: fix segfault in syslog_parse_priority() journal: fix syslog_parse_identifier() install: drop left-over debug message (#6913) Ship systemd-sysv-install helper via the main package This script was part of systemd-sysvinit sub-package but it was wrong since systemd-sysv-install is a script used to redirect enable/disable operations to chkconfig when the unit targets are sysv init scripts. Therefore it's never been a SySV init tool. Add udev.no-partlabel-links kernel command-line option. This option can be used to disable the generation of the by-partlabel symlinks regardless of the name used. (bsc#1089761) man: SystemMaxUse= clarification in journald.conf(5). (bsc#1101040) systemctl: load unit if needed in 'systemctl is-active' (bsc#1102908) core: don't freeze OnCalendar= timer units when the clock goes back a lot (bsc#1090944) Enable or disable machines.target according to the presets (bsc#1107941) cryptsetup: add support for sector-size= option (fate#325697) nspawn: always use permission mode 555 for /sys (bsc#1107640) Bugfix for a race condition between daemon-reload and other commands (bsc#1105031) Fixes an issue where login with root credentials was not possible in init level 5 (bsc#1091677) Fix an issue where services of type 'notify' harmless DENIED log entries. (bsc#991901) Does no longer adjust qgroups on existing subvolumes (bsc#1093753) cryptsetup: add support for sector-size= option (#9936) (fate#325697 bsc#1114135) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 120157
    published 2019-01-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120157
    title SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2018:3644-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3665.NASL
    description An update for NetworkManager is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband (WWAN), and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. Security Fix(es) : * systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Ubuntu Security Team for reporting this issue. Upstream acknowledges Felix Wilhelm (Google) as the original reporter.
    last seen 2019-02-21
    modified 2018-12-11
    plugin id 119172
    published 2018-11-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119172
    title RHEL 7 : NetworkManager (RHSA-2018:3665)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-1382.NASL
    description This update for systemd fixes the following issues : Security issues fixed : - CVE-2018-15688: A buffer overflow vulnerability in the dhcp6 client of systemd allowed a malicious dhcp6 server to overwrite heap memory in systemd-networkd. (bsc#1113632) - CVE-2018-15686: A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. (bsc#1113665) Non security issues fixed : - dhcp6: split assert_return() to be more debuggable when hit - core: skip unit deserialization and move to the next one when unit_deserialize() fails - core: properly handle deserialization of unknown unit types (#6476) - core: don't create Requires for workdir if 'missing ok' (bsc#1113083) - logind: use manager_get_user_by_pid() where appropriate - logind: rework manager_get_{user|session}_by_pid() a bit - login: fix user@.service case, so we don't allow nested sessions (#8051) (bsc#1112024) - core: be more defensive if we can't determine per-connection socket peer (#7329) - core: introduce systemd.early_core_pattern= kernel cmdline option - core: add missing 'continue' statement - core/mount: fstype may be NULL - journald: don't ship systemd-journald-audit.socket (bsc#1109252) - core: make 'tmpfs' dependencies on swapfs a 'default' dep, not an 'implicit' (bsc#1110445) - mount: make sure we unmount tmpfs mounts before we deactivate swaps (#7076) - detect-virt: do not try to read all of /proc/cpuinfo (bsc#1109197) - emergency: make sure console password agents don't interfere with the emergency shell - man: document that 'nofail' also has an effect on ordering - journald: take leading spaces into account in syslog_parse_identifier - journal: do not remove multiple spaces after identifier in syslog message - syslog: fix segfault in syslog_parse_priority() - journal: fix syslog_parse_identifier() - install: drop left-over debug message (#6913) - Ship systemd-sysv-install helper via the main package This script was part of systemd-sysvinit sub-package but it was wrong since systemd-sysv-install is a script used to redirect enable/disable operations to chkconfig when the unit targets are sysv init scripts. Therefore it's never been a SySV init tool. - Add udev.no-partlabel-links kernel command-line option. This option can be used to disable the generation of the by-partlabel symlinks regardless of the name used. (bsc#1089761) - man: SystemMaxUse= clarification in journald.conf(5). (bsc#1101040) - systemctl: load unit if needed in 'systemctl is-active' (bsc#1102908) - core: don't freeze OnCalendar= timer units when the clock goes back a lot (bsc#1090944) - Enable or disable machines.target according to the presets (bsc#1107941) - cryptsetup: add support for sector-size= option (fate#325697) - nspawn: always use permission mode 555 for /sys (bsc#1107640) - Bugfix for a race condition between daemon-reload and other commands (bsc#1105031) - Fixes an issue where login with root credentials was not possible in init level 5 (bsc#1091677) - Fix an issue where services of type 'notify' harmless DENIED log entries. (bsc#991901) - Does no longer adjust qgroups on existing subvolumes (bsc#1093753) - cryptsetup: add support for sector-size= option (#9936) (fate#325697 bsc#1114135) This update was imported from the SUSE:SLE-15:Update update project.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 118878
    published 2018-11-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118878
    title openSUSE Security Update : systemd (openSUSE-2018-1382)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2019-0049.NASL
    description An update for systemd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es) : * systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688) * systemd: stack overflow when calling syslog from a command with long cmdline (CVE-2018-16864) * systemd: stack overflow when receiving many journald entries (CVE-2018-16865) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Ubuntu Security Team for reporting CVE-2018-15688 and Qualys Research Labs for reporting CVE-2018-16864 and CVE-2018-16865. Upstream acknowledges Felix Wilhelm (Google) as the original reporter of CVE-2018-15688.
    last seen 2019-02-21
    modified 2019-01-15
    plugin id 121173
    published 2019-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121173
    title RHEL 7 : systemd (RHSA-2019:0049)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2019-0049.NASL
    description An update for systemd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es) : * systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688) * systemd: stack overflow when calling syslog from a command with long cmdline (CVE-2018-16864) * systemd: stack overflow when receiving many journald entries (CVE-2018-16865) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Ubuntu Security Team for reporting CVE-2018-15688 and Qualys Research Labs for reporting CVE-2018-16864 and CVE-2018-16865. Upstream acknowledges Felix Wilhelm (Google) as the original reporter of CVE-2018-15688.
    last seen 2019-02-21
    modified 2019-01-16
    plugin id 121192
    published 2019-01-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121192
    title CentOS 7 : systemd (CESA-2019:0049)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2019-0049.NASL
    description From Red Hat Security Advisory 2019:0049 : An update for systemd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit. Security Fix(es) : * systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688) * systemd: stack overflow when calling syslog from a command with long cmdline (CVE-2018-16864) * systemd: stack overflow when receiving many journald entries (CVE-2018-16865) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Ubuntu Security Team for reporting CVE-2018-15688 and Qualys Research Labs for reporting CVE-2018-16864 and CVE-2018-16865. Upstream acknowledges Felix Wilhelm (Google) as the original reporter of CVE-2018-15688.
    last seen 2019-02-21
    modified 2019-01-15
    plugin id 121172
    published 2019-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121172
    title Oracle Linux 7 : systemd (ELSA-2019-0049)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2019-1045.NASL
    description According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688) - systemd: stack overflow when calling syslog from a command with long cmdline (CVE-2018-16864) - systemd: stack overflow when receiving many journald entries (CVE-2018-16865) - systemd: Assertion failure when PID 1 receives a zero-length message over notify socket(CVE-2016-7795) - systemd: Unsafe handling of hard links allowing privilege escalation(CVE-2017-18078) - systemd: Out-of-bounds write in systemd-resolved due to allocating too small buffer in dns_packet_new(CVE-2017-9445) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-02-15
    plugin id 122218
    published 2019-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122218
    title EulerOS 2.0 SP5 : systemd (EulerOS-SA-2019-1045)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3806-1.NASL
    description Felix Wilhelm discovered that the systemd-networkd DHCPv6 client incorrectly handled certain DHCPv6 messages. In configurations where systemd-networkd is being used, an attacker on the same network could use this issue to cause systemd-networkd to crash, resulting in a denial of service, or possibly execute arbitrary code. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-11
    plugin id 118750
    published 2018-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118750
    title Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : systemd vulnerability (USN-3806-1)
  • NASL family Amazon Linux Local Security Checks
    NASL id AL2_ALAS-2019-1160.NASL
    description An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges.(CVE-2018-16864) It was discovered that systemd-network does not correctly keep track of a buffer size when constructing DHCPv6 packets. This flaw may lead to an integer underflow that can be used to produce an heap-based buffer overflow. A malicious host on the same network segment as the victim's one may advertise itself as a DHCPv6 server and exploit this flaw to cause a Denial of Service or potentially gain code execution on the victim's machine.(CVE-2018-15688) An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges.(CVE-2018-16865)
    last seen 2019-02-21
    modified 2019-02-14
    plugin id 122161
    published 2019-02-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122161
    title Amazon Linux 2 : systemd (ALAS-2019-1160)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2019-1060.NASL
    description According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling (CVE-2018-15688) - systemd: stack overflow when calling syslog from a command with long cmdline (CVE-2018-16864) - systemd: stack overflow when receiving many journald entries (CVE-2018-16865) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-23
    modified 2019-02-22
    plugin id 122387
    published 2019-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122387
    title EulerOS 2.0 SP2 : systemd (EulerOS-SA-2019-1060)
redhat via4
advisories
  • bugzilla
    id 1639067
    title CVE-2018-15688 systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhsa:tst:20140675001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhsa:tst:20140675002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhsa:tst:20140675003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhsa:tst:20140675004
    • OR
      • AND
        • comment NetworkManager is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665007
        • comment NetworkManager is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110930006
      • AND
        • comment NetworkManager-adsl is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665027
        • comment NetworkManager-adsl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152315030
      • AND
        • comment NetworkManager-bluetooth is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665005
        • comment NetworkManager-bluetooth is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152315052
      • AND
        • comment NetworkManager-config-server is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665031
        • comment NetworkManager-config-server is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152315048
      • AND
        • comment NetworkManager-dispatcher-routing-rules is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665033
        • comment NetworkManager-dispatcher-routing-rules is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20162581054
      • AND
        • comment NetworkManager-glib is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665011
        • comment NetworkManager-glib is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110930010
      • AND
        • comment NetworkManager-glib-devel is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665021
        • comment NetworkManager-glib-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20110930012
      • AND
        • comment NetworkManager-libnm is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665029
        • comment NetworkManager-libnm is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152315040
      • AND
        • comment NetworkManager-libnm-devel is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665015
        • comment NetworkManager-libnm-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152315028
      • AND
        • comment NetworkManager-ovs is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665017
        • comment NetworkManager-ovs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20183665018
      • AND
        • comment NetworkManager-ppp is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665013
        • comment NetworkManager-ppp is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20172299040
      • AND
        • comment NetworkManager-team is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665009
        • comment NetworkManager-team is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152315046
      • AND
        • comment NetworkManager-tui is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665019
        • comment NetworkManager-tui is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152315044
      • AND
        • comment NetworkManager-wifi is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665023
        • comment NetworkManager-wifi is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152315042
      • AND
        • comment NetworkManager-wwan is earlier than 1:1.12.0-8.el7_6
          oval oval:com.redhat.rhsa:tst:20183665025
        • comment NetworkManager-wwan is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20152315034
    rhsa
    id RHSA-2018:3665
    released 2018-11-26
    severity Important
    title RHSA-2018:3665: NetworkManager security update (Important)
  • rhsa
    id RHSA-2019:0049
rpms
  • NetworkManager-1:1.12.0-8.el7_6
  • NetworkManager-adsl-1:1.12.0-8.el7_6
  • NetworkManager-bluetooth-1:1.12.0-8.el7_6
  • NetworkManager-config-server-1:1.12.0-8.el7_6
  • NetworkManager-dispatcher-routing-rules-1:1.12.0-8.el7_6
  • NetworkManager-glib-1:1.12.0-8.el7_6
  • NetworkManager-glib-devel-1:1.12.0-8.el7_6
  • NetworkManager-libnm-1:1.12.0-8.el7_6
  • NetworkManager-libnm-devel-1:1.12.0-8.el7_6
  • NetworkManager-ovs-1:1.12.0-8.el7_6
  • NetworkManager-ppp-1:1.12.0-8.el7_6
  • NetworkManager-team-1:1.12.0-8.el7_6
  • NetworkManager-tui-1:1.12.0-8.el7_6
  • NetworkManager-wifi-1:1.12.0-8.el7_6
  • NetworkManager-wwan-1:1.12.0-8.el7_6
  • libgudev1-0:219-62.el7_6.2
  • libgudev1-devel-0:219-62.el7_6.2
  • systemd-0:219-62.el7_6.2
  • systemd-devel-0:219-62.el7_6.2
  • systemd-journal-gateway-0:219-62.el7_6.2
  • systemd-libs-0:219-62.el7_6.2
  • systemd-networkd-0:219-62.el7_6.2
  • systemd-python-0:219-62.el7_6.2
  • systemd-resolved-0:219-62.el7_6.2
  • systemd-sysv-0:219-62.el7_6.2
refmap via4
bid 105745
gentoo GLSA-201810-10
misc https://github.com/systemd/systemd/pull/10518
mlist [debian-lts-announce] 20181119 [SECURITY] [DLA 1580-1] systemd security update
ubuntu
  • USN-3806-1
  • USN-3807-1
Last major update 29-10-2018 - 08:29
Published 26-10-2018 - 10:29
Last modified 21-03-2019 - 10:41
Back to Top