{"id":2361,"date":"2019-01-12T10:42:48","date_gmt":"2019-01-12T09:42:48","guid":{"rendered":"https:\/\/werle.pro\/?p=2361"},"modified":"2019-01-12T10:42:48","modified_gmt":"2019-01-12T09:42:48","slug":"linux-systemd-privilege-escalation-flaws","status":"publish","type":"post","link":"https:\/\/werle.pro\/index.php\/2019\/01\/12\/linux-systemd-privilege-escalation-flaws\/","title":{"rendered":"Linux – Systemd Privilege Escalation Flaws"},"content":{"rendered":"

#RGPD – Security by design<\/p>\n

#CyberEdu – Education \u00e0 la s\u00e9curit\u00e9; du bon usage d’un compilateur et de ses options<\/p>\n

\u00ab\u00a0Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems.<\/p>\n

The vulnerabilities, assigned as CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866, actually resides in the \u00ab\u00a0systemd-journald\u00a0\u00bb service that collects information from different sources and creates event logs by logging information in the journal.<\/p>\n

The vulnerabilities, which were discovered and reported by security researchers at Qualys, affect all systemd-based Linux distributions, including Redhat and Debian, according to the researchers.<\/p>\n

However, some Linux distros such as SUSE Linux Enterprise 15, openSUSE Leap 15.0, and Fedora 28 and 29 are not affected, as \u00ab\u00a0their userspace [code] is compiled with GCC’s -fstack-clash-protection<\/strong>.\u00a0\u00bb\u00a0\u00bb<\/p>\n

thehackernews.com\/2019\/01\/linux-systemd-exploit.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

#RGPD – Security by design #CyberEdu – Education \u00e0 la s\u00e9curit\u00e9; du bon usage d’un compilateur et de ses options \u00ab\u00a0Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the … Lire la suite<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[10],"tags":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7ALXt-C5","jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/werle.pro\/index.php\/wp-json\/wp\/v2\/posts\/2361"}],"collection":[{"href":"https:\/\/werle.pro\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/werle.pro\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/werle.pro\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/werle.pro\/index.php\/wp-json\/wp\/v2\/comments?post=2361"}],"version-history":[{"count":1,"href":"https:\/\/werle.pro\/index.php\/wp-json\/wp\/v2\/posts\/2361\/revisions"}],"predecessor-version":[{"id":2362,"href":"https:\/\/werle.pro\/index.php\/wp-json\/wp\/v2\/posts\/2361\/revisions\/2362"}],"wp:attachment":[{"href":"https:\/\/werle.pro\/index.php\/wp-json\/wp\/v2\/media?parent=2361"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/werle.pro\/index.php\/wp-json\/wp\/v2\/categories?post=2361"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/werle.pro\/index.php\/wp-json\/wp\/v2\/tags?post=2361"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}