Updated systemd packages fix security vulnerability
Publication date: 07 Jul 2023Modification date: 07 Jul 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-4415
Description
Local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting (CVE-2022-4415)
References
- https://bugs.mageia.org/show_bug.cgi?id=31305
- https://www.openwall.com/lists/oss-security/2022/12/21/3
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JZKXTILQJERZNQGT3KIVV6BFKD5IV6EY/
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EEZTDRHOCHY2CZIAQ5LHAW5DIC7DDHWL/
- https://access.redhat.com/errata/RHSA-2023:0837
- https://ubuntu.com/security/notices/USN-5928-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4415
SRPMS
8/core
- systemd-246.16-4.mga8