Security update for systemd SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2019:0098-1 Final 1 1 2019-03-23T10:50:44Z current 2019-03-23T10:50:44Z 2019-03-23T10:50:44Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for systemd This update for systemd provides the following fixes: Security issues fixed: - CVE-2018-16864, CVE-2018-16865: Fixed two memory corruptions through attacker-controlled alloca()s (bsc#1120323) - CVE-2018-16866: Fixed an information leak in journald (bsc#1120323) - CVE-2018-6954: Fix mishandling of symlinks present in non-terminal path components (bsc#1080919) - Fixed an issue during system startup in relation to encrypted swap disks (bsc#1119971) Non-security issues fixed: - pam_systemd: Fix 'Cannot create session: Already running in a session' (bsc#1111498) - systemd-vconsole-setup: vconsole setup fails, fonts will not be copied to tty (bsc#1114933) - systemd-tmpfiles-setup: symlinked /tmp to /var/tmp breaking multiple units (bsc#1045723) - Fixed installation issue with /etc/machine-id during update (bsc#1117063) - btrfs: qgroups are assigned to parent qgroups after reboot (bsc#1093753) - logind: Stop managing VT switches if no sessions are registered on that VT. (bsc#1101591) - udev: Downgrade message when settting inotify watch up fails. (bsc#1005023) - udev: Ignore the exit code of systemd-detect-virt for memory hot-add. In SLE-12-SP3, 80-hotplug-cpu-mem.rules has a memory hot-add rule that uses systemd-detect-virt to detect non-zvm environment. The systemd-detect-virt returns exit failure code when it detected _none_ state. The exit failure code causes that the hot-add memory block can not be set to online. (bsc#1076696) This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2019-98 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KDEM25CHZWMRDGDYZ23LBZGMPWA63D2Y/#KDEM25CHZWMRDGDYZ23LBZGMPWA63D2Y E-Mail link for openSUSE-SU-2019:0098-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1005023 SUSE Bug 1005023 https://bugzilla.suse.com/1045723 SUSE Bug 1045723 https://bugzilla.suse.com/1076696 SUSE Bug 1076696 https://bugzilla.suse.com/1080919 SUSE Bug 1080919 https://bugzilla.suse.com/1093753 SUSE Bug 1093753 https://bugzilla.suse.com/1101591 SUSE Bug 1101591 https://bugzilla.suse.com/1111498 SUSE Bug 1111498 https://bugzilla.suse.com/1114933 SUSE Bug 1114933 https://bugzilla.suse.com/1117063 SUSE Bug 1117063 https://bugzilla.suse.com/1119971 SUSE Bug 1119971 https://bugzilla.suse.com/1120323 SUSE Bug 1120323 https://www.suse.com/security/cve/CVE-2018-16864/ SUSE CVE CVE-2018-16864 page https://www.suse.com/security/cve/CVE-2018-16865/ SUSE CVE CVE-2018-16865 page https://www.suse.com/security/cve/CVE-2018-16866/ SUSE CVE CVE-2018-16866 page https://www.suse.com/security/cve/CVE-2018-6954/ SUSE CVE CVE-2018-6954 page openSUSE Leap 15.0 libsystemd0-234-lp150.20.12.1 libsystemd0-32bit-234-lp150.20.12.1 libsystemd0-mini-234-lp150.20.12.1 libudev-devel-234-lp150.20.12.1 libudev-devel-32bit-234-lp150.20.12.1 libudev-mini-devel-234-lp150.20.12.1 libudev-mini1-234-lp150.20.12.1 libudev1-234-lp150.20.12.1 libudev1-32bit-234-lp150.20.12.1 nss-myhostname-234-lp150.20.12.1 nss-myhostname-32bit-234-lp150.20.12.1 nss-mymachines-234-lp150.20.12.1 nss-mymachines-32bit-234-lp150.20.12.1 nss-systemd-234-lp150.20.12.1 systemd-234-lp150.20.12.1 systemd-32bit-234-lp150.20.12.1 systemd-bash-completion-234-lp150.20.12.1 systemd-container-234-lp150.20.12.1 systemd-coredump-234-lp150.20.12.1 systemd-devel-234-lp150.20.12.1 systemd-logger-234-lp150.20.12.1 systemd-mini-234-lp150.20.12.1 systemd-mini-bash-completion-234-lp150.20.12.1 systemd-mini-container-mini-234-lp150.20.12.1 systemd-mini-coredump-mini-234-lp150.20.12.1 systemd-mini-devel-234-lp150.20.12.1 systemd-mini-sysvinit-234-lp150.20.12.1 systemd-sysvinit-234-lp150.20.12.1 udev-234-lp150.20.12.1 udev-mini-234-lp150.20.12.1 libsystemd0-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 libsystemd0-32bit-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 libsystemd0-mini-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 libudev-devel-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 libudev-devel-32bit-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 libudev-mini-devel-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 libudev-mini1-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 libudev1-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 libudev1-32bit-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 nss-myhostname-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 nss-myhostname-32bit-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 nss-mymachines-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 nss-mymachines-32bit-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 nss-systemd-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-32bit-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-bash-completion-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-container-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-coredump-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-devel-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-logger-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-mini-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-mini-bash-completion-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-mini-container-mini-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-mini-coredump-mini-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-mini-devel-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-mini-sysvinit-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 systemd-sysvinit-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 udev-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 udev-mini-234-lp150.20.12.1 as a component of openSUSE Leap 15.0 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. CVE-2018-16864 openSUSE Leap 15.0:libsystemd0-234-lp150.20.12.1 openSUSE Leap 15.0:libsystemd0-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:libsystemd0-mini-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-devel-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-devel-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-mini-devel-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-mini1-234-lp150.20.12.1 openSUSE Leap 15.0:libudev1-234-lp150.20.12.1 openSUSE Leap 15.0:libudev1-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:nss-myhostname-234-lp150.20.12.1 openSUSE Leap 15.0:nss-myhostname-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:nss-mymachines-234-lp150.20.12.1 openSUSE Leap 15.0:nss-mymachines-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:nss-systemd-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-bash-completion-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-container-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-coredump-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-devel-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-logger-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-bash-completion-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-container-mini-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-coredump-mini-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-devel-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-sysvinit-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-sysvinit-234-lp150.20.12.1 openSUSE Leap 15.0:udev-234-lp150.20.12.1 openSUSE Leap 15.0:udev-mini-234-lp150.20.12.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KDEM25CHZWMRDGDYZ23LBZGMPWA63D2Y/#KDEM25CHZWMRDGDYZ23LBZGMPWA63D2Y https://www.suse.com/security/cve/CVE-2018-16864.html CVE-2018-16864 https://bugzilla.suse.com/1108912 SUSE Bug 1108912 https://bugzilla.suse.com/1120323 SUSE Bug 1120323 https://bugzilla.suse.com/1122265 SUSE Bug 1122265 https://bugzilla.suse.com/1188063 SUSE Bug 1188063 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable. CVE-2018-16865 openSUSE Leap 15.0:libsystemd0-234-lp150.20.12.1 openSUSE Leap 15.0:libsystemd0-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:libsystemd0-mini-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-devel-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-devel-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-mini-devel-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-mini1-234-lp150.20.12.1 openSUSE Leap 15.0:libudev1-234-lp150.20.12.1 openSUSE Leap 15.0:libudev1-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:nss-myhostname-234-lp150.20.12.1 openSUSE Leap 15.0:nss-myhostname-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:nss-mymachines-234-lp150.20.12.1 openSUSE Leap 15.0:nss-mymachines-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:nss-systemd-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-bash-completion-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-container-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-coredump-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-devel-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-logger-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-bash-completion-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-container-mini-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-coredump-mini-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-devel-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-sysvinit-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-sysvinit-234-lp150.20.12.1 openSUSE Leap 15.0:udev-234-lp150.20.12.1 openSUSE Leap 15.0:udev-mini-234-lp150.20.12.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KDEM25CHZWMRDGDYZ23LBZGMPWA63D2Y/#KDEM25CHZWMRDGDYZ23LBZGMPWA63D2Y https://www.suse.com/security/cve/CVE-2018-16865.html CVE-2018-16865 https://bugzilla.suse.com/1108912 SUSE Bug 1108912 https://bugzilla.suse.com/1120323 SUSE Bug 1120323 https://bugzilla.suse.com/1122265 SUSE Bug 1122265 https://bugzilla.suse.com/1188063 SUSE Bug 1188063 An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable. CVE-2018-16866 openSUSE Leap 15.0:libsystemd0-234-lp150.20.12.1 openSUSE Leap 15.0:libsystemd0-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:libsystemd0-mini-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-devel-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-devel-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-mini-devel-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-mini1-234-lp150.20.12.1 openSUSE Leap 15.0:libudev1-234-lp150.20.12.1 openSUSE Leap 15.0:libudev1-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:nss-myhostname-234-lp150.20.12.1 openSUSE Leap 15.0:nss-myhostname-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:nss-mymachines-234-lp150.20.12.1 openSUSE Leap 15.0:nss-mymachines-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:nss-systemd-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-bash-completion-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-container-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-coredump-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-devel-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-logger-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-bash-completion-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-container-mini-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-coredump-mini-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-devel-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-sysvinit-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-sysvinit-234-lp150.20.12.1 openSUSE Leap 15.0:udev-234-lp150.20.12.1 openSUSE Leap 15.0:udev-mini-234-lp150.20.12.1 low 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KDEM25CHZWMRDGDYZ23LBZGMPWA63D2Y/#KDEM25CHZWMRDGDYZ23LBZGMPWA63D2Y https://www.suse.com/security/cve/CVE-2018-16866.html CVE-2018-16866 https://bugzilla.suse.com/1108912 SUSE Bug 1108912 https://bugzilla.suse.com/1120323 SUSE Bug 1120323 https://bugzilla.suse.com/1122265 SUSE Bug 1122265 https://bugzilla.suse.com/1126183 SUSE Bug 1126183 systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. This occurs even if the fs.protected_symlinks sysctl is turned on. CVE-2018-6954 openSUSE Leap 15.0:libsystemd0-234-lp150.20.12.1 openSUSE Leap 15.0:libsystemd0-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:libsystemd0-mini-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-devel-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-devel-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-mini-devel-234-lp150.20.12.1 openSUSE Leap 15.0:libudev-mini1-234-lp150.20.12.1 openSUSE Leap 15.0:libudev1-234-lp150.20.12.1 openSUSE Leap 15.0:libudev1-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:nss-myhostname-234-lp150.20.12.1 openSUSE Leap 15.0:nss-myhostname-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:nss-mymachines-234-lp150.20.12.1 openSUSE Leap 15.0:nss-mymachines-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:nss-systemd-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-32bit-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-bash-completion-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-container-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-coredump-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-devel-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-logger-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-bash-completion-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-container-mini-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-coredump-mini-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-devel-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-mini-sysvinit-234-lp150.20.12.1 openSUSE Leap 15.0:systemd-sysvinit-234-lp150.20.12.1 openSUSE Leap 15.0:udev-234-lp150.20.12.1 openSUSE Leap 15.0:udev-mini-234-lp150.20.12.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KDEM25CHZWMRDGDYZ23LBZGMPWA63D2Y/#KDEM25CHZWMRDGDYZ23LBZGMPWA63D2Y https://www.suse.com/security/cve/CVE-2018-6954.html CVE-2018-6954 https://bugzilla.suse.com/1080919 SUSE Bug 1080919