oss-sec mailing list archives

[CVE request] systemd

From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Tue, 01 Oct 2013 12:56:23 +0530

Hi All,

I would like to request CVE ids for 4 systemd issues.

1. systemd: Integer overflow, leading to heap-based buffer overflow by
processing native messages
https://bugzilla.redhat.com/show_bug.cgi?id=859051

2. systemd: TOCTOU race condition when updating file permissions and
SELinux security contexts
https://bugzilla.redhat.com/show_bug.cgi?id=859060

3. systemd: Possibility of denial of logging service by processing
native messages from file
https://bugzilla.redhat.com/show_bug.cgi?id=859104

4. systemd: Improper sanitization of invalid XKB layouts descriptions
(privilege escalation when custom PolicyKit local authority file used)
https://bugzilla.redhat.com/show_bug.cgi?id=862324

Thanks!


-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team

Current thread:

[CVE request] systemd Huzaifa Sidhpurwala (Oct 01)
- Re: [CVE request] systemd Sebastian Krahmer (Oct 01)
- Re: [CVE request] systemd Kurt Seifried (Oct 01)