CVE-2013-4391
Published: 28 October 2013
Integer overflow in the valid_user_field function in journal/journald-native.c in systemd allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large journal data field, which triggers a heap-based buffer overflow.
Priority
Status
Package | Release | Status |
---|---|---|
systemd Launchpad, Ubuntu, Debian |
lucid |
Does not exist
|
precise |
Does not exist
|
|
quantal |
Does not exist
|
|
raring |
Not vulnerable
(198-0ubuntu11.2)
|
|
upstream |
Needs triage
|
|
Patches: upstream: http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e |