Advisories » MGASA-2018-0094

Updated systemd packages fix security vulnerability

Publication date: 24 Jan 2018
Modification date: 24 Jan 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-1049

Description

In systemd prior to 234 a race exists between .mount and .automount
units such that automount requests from kernel may not be serviced by
systemd resulting in kernel holding the mountpoint and any processes
that try to use said mount will hang. A race like this may lead to
denial of service, until mount points are unmounted (CVE-2018-1049).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22430
• http://openwall.com/lists/oss-security/2018/01/19/8
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1049

SRPMS

6/core

• systemd-230-12.3.mga6