公告ID: KYLIN-2018-16866
安全等级: 中等
产品: Kylin V3
发布日期: 2019年1月9日
CVE: CVE-2018-16866
CVSS3评分: 4.3
概述:
This issue affects the versions of systemd as shipped with Kylin Enterprise Linux 7. Kylin Product Security has rated this issue as having a security impact of Moderate. For additional information, refer to the Issue Severity Classification: https://access.Kylin.com/security/updates/classification/. Kylin Virtualization Hypervisor and Management Appliance include vulnerable versions of systemd. However, since exploitation requires local access and impact is restricted to information disclosure, this flaw is rated as having a security issue of Low. Future updates may address this issue. 描述:
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable. An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. 系统版本:
KYLIN 3.3.x
受影响包列表:
systemd