Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 50 results


CVE-2023-7008

Low priority

Some fixes available 2 of 9

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to...

1 affected packages

systemd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
systemd Fixed Vulnerable Vulnerable Needs evaluation Needs evaluation
Show less packages

CVE-2023-31439

Medium priority
Ignored

** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE:...

1 affected packages

systemd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
systemd Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-31438

Medium priority
Ignored

** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent...

1 affected packages

systemd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
systemd Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-31437

Medium priority
Ignored

** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying...

1 affected packages

systemd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
systemd Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-26604

Low priority
Vulnerable

systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set...

1 affected packages

systemd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
systemd Not affected Not affected Vulnerable Vulnerable Needs evaluation
Show less packages

CVE-2022-4415

Medium priority

Some fixes available 3 of 5

A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.

1 affected packages

systemd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
systemd Fixed Fixed Ignored Ignored
Show less packages

CVE-2022-45873

Medium priority
Fixed

systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary...

1 affected packages

systemd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
systemd Not affected Not affected Not affected Not affected
Show less packages

CVE-2022-3821

Medium priority
Fixed

An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a...

1 affected packages

systemd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
systemd Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-2526

Medium priority
Fixed

A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream...

1 affected packages

systemd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
systemd Not affected Not affected Fixed Not affected
Show less packages

CVE-2021-3997

Medium priority

Some fixes available 3 of 6

A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp.

1 affected packages

systemd

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
systemd Fixed Ignored Ignored
Show less packages