systemd (SUSE:Linux Enterprise Software Development Kit 12 SP3) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 12 SP3 package systemd, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (13)
CVE-2018-15688 — CVSS 8.8 (high): A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in…
CVE-2018-16864 — CVSS 7.8 (high): An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in…
CVE-2018-16865 — CVSS 7.8 (high): An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in…
CVE-2017-18078 — CVSS 7.8 (high): systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the…
CVE-2018-6954 — CVSS 7.8 (high): systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain…
CVE-2018-15686 — CVSS 7.8 (high): A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess…
CVE-2017-15908 — CVSS 7.5 (high): In systemd 223 through 235, a remote DNS server can respond with a custom crafted DNS NSEC resource record to trigger an infinite loop in…
CVE-2017-9217 — CVSS 7.5 (high): systemd-resolved through 233 allows remote attackers to cause a denial of service (daemon crash) via a crafted DNS response with an empty…
CVE-2017-9445 — CVSS 7.5 (high): In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A…
CVE-2019-3842 — CVSS 7.0 (high): In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT…
CVE-2018-1049 — CVSS 5.9 (medium): In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be…
CVE-2019-6454 — CVSS 5.5 (medium): An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack…
CVE-2018-16866 — CVSS 3.3 (low): An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local…