- Home
- CVEs with nessus.description==Large syslogd messages sent to journald can cause stack corruption,
causing journald to crash. The version of systemd on Amazon Linux 2 is
not vulnerable to privilege escalation in this case. (CVE-2018-16864)
Large native messages to journald can cause stack corruption, leading
to possible local privilege escalation.(CVE-2018-16865)
Please note, if you have systemd-journald-remote configured over http,
then you could be open to remote escalation on previous versions of
the systemd package. The systemd-journald-remote service is not
installed by default on Amazon Linux 2, and when installed and
enabled, the default configuration is to use https. (CVE-2018-16865)
An out-of-bounds read in journald, triggered by a specially crafted
message, can be used to leak information through the journal file
(CVE-2018-16866)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top