An update for systemd is now available for openEuler-20.03-LTS-SP1 and openEuler-20.03-LTS-SP2
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2021-1271
Final
1.0
1.0
2021-07-24
Initial
2021-07-24
2021-07-24
openEuler SA Tool V1.0
2021-07-24
systemd security update
An update for systemd is now available for openEuler-20.03-LTS-SP1 and openEuler-20.03-LTS-SP2.
systemd is a system and service manager that runs as PID 1 and starts the rest of the system.
Security Fix(es):
basic/unit-name.c in systemd 220 through 248 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.(CVE-2021-33910)
An update for systemd is now available for openEuler-20.03-LTS-SP1 and openEuler-20.03-LTS-SP2.
openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
Medium
systemd
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1271
https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-33910
https://nvd.nist.gov/vuln/detail/CVE-2021-33910
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP2
systemd-journal-remote-243-37.oe1.aarch64.rpm
systemd-debugsource-243-37.oe1.aarch64.rpm
systemd-debuginfo-243-37.oe1.aarch64.rpm
systemd-udev-compat-243-37.oe1.aarch64.rpm
systemd-243-37.oe1.aarch64.rpm
systemd-udev-243-37.oe1.aarch64.rpm
systemd-container-243-37.oe1.aarch64.rpm
systemd-devel-243-37.oe1.aarch64.rpm
systemd-libs-243-37.oe1.aarch64.rpm
systemd-journal-remote-243-39.oe1.aarch64.rpm
systemd-debugsource-243-39.oe1.aarch64.rpm
systemd-debuginfo-243-39.oe1.aarch64.rpm
systemd-udev-compat-243-39.oe1.aarch64.rpm
systemd-243-39.oe1.aarch64.rpm
systemd-udev-243-39.oe1.aarch64.rpm
systemd-container-243-39.oe1.aarch64.rpm
systemd-devel-243-39.oe1.aarch64.rpm
systemd-libs-243-39.oe1.aarch64.rpm
systemd-help-243-37.oe1.noarch.rpm
systemd-help-243-39.oe1.noarch.rpm
systemd-243-37.oe1.src.rpm
systemd-243-39.oe1.src.rpm
systemd-libs-243-37.oe1.x86_64.rpm
systemd-udev-243-37.oe1.x86_64.rpm
systemd-243-37.oe1.x86_64.rpm
systemd-udev-compat-243-37.oe1.x86_64.rpm
systemd-container-243-37.oe1.x86_64.rpm
systemd-devel-243-37.oe1.x86_64.rpm
systemd-journal-remote-243-37.oe1.x86_64.rpm
systemd-debugsource-243-37.oe1.x86_64.rpm
systemd-debuginfo-243-37.oe1.x86_64.rpm
systemd-libs-243-39.oe1.x86_64.rpm
systemd-udev-243-39.oe1.x86_64.rpm
systemd-243-39.oe1.x86_64.rpm
systemd-udev-compat-243-39.oe1.x86_64.rpm
systemd-container-243-39.oe1.x86_64.rpm
systemd-devel-243-39.oe1.x86_64.rpm
systemd-journal-remote-243-39.oe1.x86_64.rpm
systemd-debugsource-243-39.oe1.x86_64.rpm
systemd-debuginfo-243-39.oe1.x86_64.rpm
basic/unit-name.c in systemd 220 through 248 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash.
2021-07-24
CVE-2021-33910
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP2
Medium
5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
systemd security update
2021-07-24
https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1271