Bug#1026831: systemd: CVE-2022-4415: systemd-coredump not respecting fs.suid_dumpable kernel setting
Salvatore Bonaccorso
carnil at debian.org
Wed Dec 21 20:36:23 GMT 2022
Source: systemd
Version: 252.3-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Control: found -1 247.3-7+deb11u1
Control: found -1 247.3-7
Hi,
The following vulnerability was published for systemd.
CVE-2022-4415[0]:
| systemd-coredump not respecting fs.suid_dumpable kernel setting
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2022-4415
https://www.cve.org/CVERecord?id=CVE-2022-4415
[1] https://www.openwall.com/lists/oss-security/2022/12/21/3
[2] https://github.com/systemd/systemd-stable/commit/bb47600aeb38c68c857fbf0ee5f66c3144dd81ce
Regards,
Salvatore
More information about the Pkg-systemd-maintainers
mailing list