Updated systemd packages fix security vulnerabilitiesPublication date: 21 Feb 2020
Affected Mageia releases : 7
CVE: CVE-2019-20386 , CVE-2020-1712
Updated systemd packages fix security vulnerabilities: It was discovered that systemd incorrectly handled certain udevadm trigger commands. A local attacker could possibly use this issue to cause systemd to consume resources, leading to a denial of service (CVE-2019-20386). Tavis Ormandy discovered that systemd incorrectly handled certain Polkit queries. A local attacker could use this issue to cause systemd to crash, resulting in a denial of service, or possibly execute arbitrary code and escalate privileges (CVE-2020-1712).