Exploit Report

Computer Security And Bug Information


CVE Title
Published Date: 2022-11-23T23:15Z
Modified Date: 2022-12-01T14:33Z
CWE Type: CWE-400
Description: systemd 250 and 251 allow local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.
Reference URL (MISC): https://github.com/systemd/systemd/commit/076b807be472630692c5348c60d0c2b7b28ad437
Reference URL (MISC): https://github.com/systemd/systemd/pull/25055#issuecomment-1313733553
Reference URL (MISC): https://github.com/systemd/systemd/pull/24853#issuecomment-1326561497
Tags: Patch, Third Party Advisory
