[systemd-devel] systemd vulnerability detection
Lennart Poettering
lennart at poettering.net
Tue Apr 28 19:30:14 UTC 2020
On Di, 28.04.20 21:35, Fuat Bölük (mektup at fuatboluk.com.tr) wrote:
> Hello there. I detected a vulnerability in systemd software. this
> vulnerability exists in all systemd versions. vulnerability can be
> manipulated by local users and root user rights can be obtained.
>
> As soon as I publicly publicize this vulnerability, all servers running
> systemd will remain vulnerable. it must be closed without the public's
> knowledge of the vulnerability.
>
> I got the root rights by manipulating the vulnerability in ubuntu 19
> and fedora 32 without installing additional software.
>
> sorry for bad english. I use translation.
Please see:
https://systemd.io/SECURITY/
i.e. please report to systemd-security at redhat.com
Thank you,
Lennart
--
Lennart Poettering, Berlin
More information about the systemd-devel
mailing list