Security researchers at Qualys have found three security vulnerabilities in the core Linux component that manages system processes after boot. The bugs reside in the 'systemd-journald' service, which collects and stores the log data of the Linux system.
Of these three vulnerabilities, two are memory corruption bugs (stack buffer overflow) and one is an out-of-bounds error (information leak). The following CVE IDs have been allocated to the bugs:
- CVE-2018-16864 - Privilege Escalation
- CVE-2018-16865 - Privilege Escalation
- CVE-2018-16866 - Information leak
Worst of all, no patch is available yet for the discovered bugs. Only the information leak vulnerability (CVE-2018-16866) has been fixed on Debian, in the unstable systemd 240-1 release.
We have also found a mailing list that describes the technical details of these bugs.