Vulnerabilities (CVE)

Filtered by vendor Systemd Project Subscribe
Filtered by product Systemd
Total 47 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-7796 3 Novell, Redhat, Systemd Project 9 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Server For Sap and 6 more 2023-12-10 4.9 MEDIUM 5.5 MEDIUM
The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.
CVE-2012-0871 2 Opensuse, Systemd Project 2 Opensuse, Systemd 2023-12-10 6.3 MEDIUM N/A
The session_link_x11_socket function in login/logind-session.c in systemd-logind in systemd, possibly 37 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on the X11 user directory in /run/user/.
CVE-2013-4391 2 Debian, Systemd Project 2 Debian Linux, Systemd 2023-12-10 7.5 HIGH N/A
Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow.
CVE-2013-4392 1 Systemd Project 1 Systemd 2023-12-10 3.3 LOW N/A
systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.
CVE-2013-4393 1 Systemd Project 1 Systemd 2023-12-10 2.1 LOW N/A
journald in systemd, when the origin of native messages is set to file, allows local users to cause a denial of service (logging service blocking) via a crafted file descriptor.
CVE-2013-4327 3 Canonical, Debian, Systemd Project 3 Ubuntu Linux, Debian Linux, Systemd 2023-12-10 6.9 MEDIUM N/A
systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
CVE-2013-4394 2 Debian, Systemd Project 2 Debian Linux, Systemd 2023-12-10 5.9 MEDIUM N/A
The SetX11Keyboard function in systemd, when PolicyKit Local Authority (PKLA) is used to change the group permissions on the X Keyboard Extension (XKB) layouts description, allows local users in the group to modify the Xorg X11 Server configuration file and possibly gain privileges via vectors involving "special and control characters."