Red Hat Bugzilla – Bug 859051
CVE-2013-4391 systemd: Integer overflow, leading to heap-based buffer overflow by processing native messages
Last modified: 2015-07-29 09:04:18 EDT
An integer overflow, leading to heap-based buffer overflow flaw was found in the way journald functionality of systemd, a system and service manager, processed native messages. A local attacker could provide a specially-crafted packet that when processed by systemd would lead to systemd daemon crash or, potentially, arbitrary code execution with the privileges of the user running the daemon.
Issue found by Florian Weimer, Red Hat Product Security Team
This issue has been addressed in the version of systemd as shipped with Fedora 18 and 19. (Current versions are not affected)
This issue was discovered by Florian Weimer of the Red Hat Product Security Team.
This was assigned CVE-2013-4391: