#5187 closed enhancement (fixed)
systemd - fix CVE-2022-4415
| Reported by: | Douglas R. Reno | Owned by: | Douglas R. Reno |
|---|---|---|---|
| Priority: | highest | Milestone: | 11.3 |
| Component: | Book | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
We need to create a patch for systemd due to CVE-2022-4415.
The patch can be found here: https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c - we will need to create one for systemd-251 as well for the security advisory.
CVE-2022-4415 is a local information leak and privilege escalation in systemd-coredump, which is caused by it not respecting the fs.suid_dumpable kernel setting. A proof-of-concept is public and was attached to the posting to oss-security, which was posted at about 6:00 AM CDT. The proof of concept gets the password hash for the root user.
The posting to oss-security can be found here: https://www.openwall.com/lists/oss-security/2022/12/21/3
Change History (3)
comment:1 by , 3 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 3 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Note:
See TracTickets
for help on using tickets.
Fixed at e193e35799dc8e247c9efecf8440a835462a77ed