Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
systemd 缓冲区错误漏洞
Vulnerability Description
systemd是德国Lennart Poettering个人开发者的一款基于Linux的系统和服务管理器。该产品兼容了SysV和LSB的启动脚本,且提供了一个用来表示系统服务间依赖关系的框架。 systemd中的bus_process_object()存在缓冲区错误漏洞,该漏洞源于程序没有充分地执行输入验证。本地攻击者可通过发送dbus消息利用该漏洞造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A