Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Desktop 12 SP2 package systemd, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (6)
CVE-2016-10156 — CVSS 7.8 (high): A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features…
CVE-2017-18078 — CVSS 7.8 (high): systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the…
CVE-2017-15908 — CVSS 7.5 (high): In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in…
CVE-2017-9217 — CVSS 7.5 (high): systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty…
CVE-2017-9445 — CVSS 7.5 (high): In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A…
CVE-2018-1049 — CVSS 5.9 (medium): In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be…