id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
5187	systemd - fix CVE-2022-4415	Douglas R. Reno	Douglas R. Reno	"We need to create a patch for systemd due to CVE-2022-4415.

The patch can be found here: [https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c] - we will need to create one for systemd-251 as well for the security advisory.

CVE-2022-4415 is a local information leak and privilege escalation in systemd-coredump, which is caused by it not respecting the fs.suid_dumpable kernel setting. A proof-of-concept is public and was attached to the posting to oss-security, which was posted at about 6:00 AM CDT. The proof of concept gets the password hash for the root user.

The posting to oss-security can be found here: [https://www.openwall.com/lists/oss-security/2022/12/21/3]"	enhancement	closed	highest	11.3	Book	git	normal	fixed		
