Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for systemd by Red Hat, Inc.

    CVE-2018-1049 (GCVE-0-2018-1049)

    Vulnerability from nvd – Published: 2018-02-16 21:00 – Updated: 2024-09-16 16:47
    VLAI
    Summary
    In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1041520 vdb-entryx_refsource_SECTRACK
    https://lists.debian.org/debian-lts-announce/2018… mailing-listx_refsource_MLIST
    https://access.redhat.com/errata/RHSA-2018:0260 vendor-advisoryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=1534701 x_refsource_CONFIRM
    https://usn.ubuntu.com/3558-1/ vendor-advisoryx_refsource_UBUNTU
    Impacted products
    Vendor Product Version
    Red Hat, Inc. systemd Affected: prior to 234
    Create a notification for this product.
    Date Public
    2018-02-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:44:11.848Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1041520",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1041520"
              },
              {
                "name": "[debian-lts-announce] 20181119 [SECURITY] [DLA 1580-1] systemd security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html"
              },
              {
                "name": "RHSA-2018:0260",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2018:0260"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534701"
              },
              {
                "name": "USN-3558-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3558-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "systemd",
              "vendor": "Red Hat, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to 234"
                }
              ]
            }
          ],
          "datePublic": "2018-02-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-362",
                  "description": "CWE-362",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-20T10:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "1041520",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1041520"
            },
            {
              "name": "[debian-lts-announce] 20181119 [SECURITY] [DLA 1580-1] systemd security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html"
            },
            {
              "name": "RHSA-2018:0260",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:0260"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534701"
            },
            {
              "name": "USN-3558-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3558-1/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "DATE_PUBLIC": "2018-02-16T00:00:00",
              "ID": "CVE-2018-1049",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "systemd",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "prior to 234"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Red Hat, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-362"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1041520",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1041520"
                },
                {
                  "name": "[debian-lts-announce] 20181119 [SECURITY] [DLA 1580-1] systemd security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html"
                },
                {
                  "name": "RHSA-2018:0260",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2018:0260"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1534701",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534701"
                },
                {
                  "name": "USN-3558-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3558-1/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2018-1049",
        "datePublished": "2018-02-16T21:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:47:41.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1049 (GCVE-0-2018-1049)

    Vulnerability from cvelistv5 – Published: 2018-02-16 21:00 – Updated: 2024-09-16 16:47
    VLAI
    Summary
    In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    http://www.securitytracker.com/id/1041520 vdb-entryx_refsource_SECTRACK
    https://lists.debian.org/debian-lts-announce/2018… mailing-listx_refsource_MLIST
    https://access.redhat.com/errata/RHSA-2018:0260 vendor-advisoryx_refsource_REDHAT
    https://bugzilla.redhat.com/show_bug.cgi?id=1534701 x_refsource_CONFIRM
    https://usn.ubuntu.com/3558-1/ vendor-advisoryx_refsource_UBUNTU
    Impacted products
    Vendor Product Version
    Red Hat, Inc. systemd Affected: prior to 234
    Create a notification for this product.
    Date Public
    2018-02-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:44:11.848Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1041520",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1041520"
              },
              {
                "name": "[debian-lts-announce] 20181119 [SECURITY] [DLA 1580-1] systemd security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html"
              },
              {
                "name": "RHSA-2018:0260",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "https://access.redhat.com/errata/RHSA-2018:0260"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534701"
              },
              {
                "name": "USN-3558-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3558-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "systemd",
              "vendor": "Red Hat, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to 234"
                }
              ]
            }
          ],
          "datePublic": "2018-02-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-362",
                  "description": "CWE-362",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-20T10:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "1041520",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1041520"
            },
            {
              "name": "[debian-lts-announce] 20181119 [SECURITY] [DLA 1580-1] systemd security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html"
            },
            {
              "name": "RHSA-2018:0260",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "https://access.redhat.com/errata/RHSA-2018:0260"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534701"
            },
            {
              "name": "USN-3558-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3558-1/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "DATE_PUBLIC": "2018-02-16T00:00:00",
              "ID": "CVE-2018-1049",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "systemd",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "prior to 234"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Red Hat, Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-362"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1041520",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1041520"
                },
                {
                  "name": "[debian-lts-announce] 20181119 [SECURITY] [DLA 1580-1] systemd security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html"
                },
                {
                  "name": "RHSA-2018:0260",
                  "refsource": "REDHAT",
                  "url": "https://access.redhat.com/errata/RHSA-2018:0260"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1534701",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534701"
                },
                {
                  "name": "USN-3558-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3558-1/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2018-1049",
        "datePublished": "2018-02-16T21:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:47:41.544Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }