SB2018013108 - Red Hat update for systemd
Published: January 31, 2018
Security Bulletin ID
SB2018013108
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Adjecent network
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Race condition (CVE-ID: CVE-2018-1049)
The vulnerability allows an adjacent attacker to cause DoS condition no the target system.The weakness exists in GNU systemd due to an error when handling malicious input. An adjacent attacker can submit a specially crafted automount request, trigger race condition and cause the service to crash.
Remediation
Install update from vendor's website.