Systemd Project: >> Systemd >> 202 Security Vulnerabilities
The manager_invoke_notify_message function in systemd 231 and earlier allows local users to cause a denial of service (assertion failure and PID 1 hang) via a zero-length message received over a notify socket.
CVSS Score
5.5
EPSS Score
0.002
Published
2016-10-13
systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.
CVSS Score
5.0
EPSS Score
0.0
Published
2013-10-28
systemd does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.
CVSS Score
6.9
EPSS Score
0.0
Published
2013-10-03
Page 3