Vulnerability Details : CVE-2018-16864
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable.
Products affected by CVE-2018-16864
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_communications_broker:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-16864
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 8 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-16864
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
7.4
|
HIGH | CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.4
|
5.9
|
Red Hat, Inc. | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2018-16864
-
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)
References for CVE-2018-16864
-
http://www.securityfocus.com/bid/106523
systemd-journald CVE-2018-16864 Stack-Based Buffer Overflow VulnerabilityThird Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2019:0361
RHSA-2019:0361 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://lists.debian.org/debian-lts-announce/2019/01/msg00016.html
[SECURITY] [DLA 1639-1] systemd security updateThird Party Advisory
-
https://usn.ubuntu.com/3855-1/
USN-3855-1: systemd vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://access.redhat.com/errata/RHBA-2019:0327
RHBA-2019:0327 - Bug Fix Advisory - Red Hat Customer PortalThird Party Advisory
-
https://security.netapp.com/advisory/ntap-20190117-0001/
January 2019 Systemd-journald Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
Oracle Critical Patch Update - April 2019Patch;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:0049
RHSA-2019:0049 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:0271
RHSA-2019:0271 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2021/07/20/2
oss-security - CVE-2021-33910: Denial of service (stack exhaustion) in systemd (PID 1)Mailing List
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16864
1653855 – (CVE-2018-16864) CVE-2018-16864 systemd: stack overflow when calling syslog from a command with long cmdlineIssue Tracking;Patch;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:2402
RHSA-2019:2402 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://www.debian.org/security/2019/dsa-4367
Debian -- Security Information -- DSA-4367-1 systemdThird Party Advisory
-
https://security.gentoo.org/glsa/201903-07
systemd: Multiple vulnerabilities (GLSA 201903-07) — Gentoo securityThird Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:0342
RHSA-2019:0342 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://www.qualys.com/2019/01/09/system-down/system-down.txt
Exploit;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:0204
RHSA-2019:0204 - Security Advisory - Red Hat Customer PortalThird Party Advisory
Jump to