CVE-2018-16865 — HIGH (7.8)

Q: How severe is CVE-2018-16865?

CVE-2018-16865 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-16865?

Check the references section above for vendor advisories and patch information. Affected products include: Systemd Project Systemd, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.

Vulnerability Description

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Systemd Project	Systemd	<= 240
Redhat	Enterprise Linux Desktop	7.0
Redhat	Enterprise Linux Server	7.0
Redhat	Enterprise Linux Server Aus	7.3
Redhat	Enterprise Linux Server Eus	7.5
Redhat	Enterprise Linux Server Tus	7.3
Redhat	Enterprise Linux Workstation	7.0
Debian	Debian Linux	8.0
Canonical	Ubuntu Linux	16.04
Oracle	Communications Session Border Controller	8.0.0
Oracle	Enterprise Communications Broker	3.0.0

Related Weaknesses (CWE)

CWE-770

References

http://packetstormsecurity.com/files/152841/System-Down-A-systemd-journald-ExploThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2019/May/21Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2019/05/10/4Mailing ListThird Party Advisory
http://www.openwall.com/lists/oss-security/2021/07/20/2Mailing ListThird Party Advisory
http://www.securityfocus.com/bid/106525Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHBA-2019:0327Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0049Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0204Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0271Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0342Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0361Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2402Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16865Issue TrackingPatch
https://lists.debian.org/debian-lts-announce/2019/01/msg00016.htmlMailing ListThird Party Advisory
https://seclists.org/bugtraq/2019/May/25Mailing ListThird Party Advisory

FAQ

What is CVE-2018-16865?

CVE-2018-16865 is a vulnerability with a CVSS score of 7.8 (HIGH). An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local...

How severe is CVE-2018-16865?

CVE-2018-16865 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-16865?

Check the references section above for vendor advisories and patch information. Affected products include: Systemd Project Systemd, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.