Advisories » MGASA-2016-0380

Updated systemd packages fix security vulnerability

Publication date: 17 Nov 2016
Modification date: 17 Nov 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-7795

Description

Andrew Ayer discovered that Systemd improperly handled zero-length
notification messages. A local unprivileged attacker could use this to
cause a denial of service (init crash leading to system unavailability)
(CVE-2016-7795).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=19494
• http://www.ubuntu.com/usn/usn-3094-1/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7795

SRPMS

5/core

• systemd-217-11.2.mga5