An improper authorization flaw was discovered in systemd-resolved before v234 in the way it configures the exposed DBus interface org.freedesktop.resolve1....

It was found that bus_process_object() in bus-objects.c allocates a buffer on the stack large enough to temporarily store the object path specified in the...

An out-of-bounds read has been found in the journald component of systemd >= v221 and < v240, in the syslog_parse_identifier() function in...

A memory corruption vulnerability has been found in the journald component of systemd >= v201 and <= v240, in the journal_file_append_entry() function....

A memory corruption vulnerability has been found in the journald component of systemd >= v230 and <= v240, in the set_iovec_field() function. Passing...

An out-of-bounds write has been found in the dhcpv6 option handing code of systemd-networkd up to and including v239.

It was discovered that...

A security issue has been found in systemd up to and including 239, where a race condition in the chown_one() function can be used to escalate privileges...

A security issue has been found in systemd up to and including 239, where the use of fgets() allows an attacker to escalate privilege via a crafted service...

systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of...

systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl is...

An out-of-bounds write was discovered in systemd-resolved when handling specially crafted DNS responses. A remote attacker could potentially exploit this to...

A security issue has been found in systemd-resolved, allowing a remote attacker to cause a denial of service (daemon crash via NULL-pointer dereference) via...

systemd fails an assertion in manager_invoke_notify_message when a zero-length message is received over its notification socket. After failing the...