Advisories » MGASA-2019-0330

Updated systemd packages fix security vulnerability

Publication date: 19 Nov 2019
Modification date: 19 Nov 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-15718

Description

Updated systemd packages fix security vulnerability:

Nadav Markus from Palo Alto Networks discovered that systemd-resolved
does not enforce appropriate access controls on its D-Bus interface and
allows unprivileged users to execute methods that are meant to be
available only to privileged users. This can be exploited by local users
to modify the system's DNS resolver settings (CVE-2019-15718).

This update also adds various upstream fixes for networkd, resolved,
updates the manpages, fixing some logging messages and adds some missing
checks that can potentially be used to cause crashes or malfunction.

The syscall filter list has been updated to properly support newer glibc
and kernel features with seccomp and nspawn.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=25404
• https://www.openwall.com/lists/oss-security/2019/09/03/1
• https://access.redhat.com/errata/RHSA-2019:3592
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15718

SRPMS

7/core

• systemd-241-8.4.mga7