Your submission was sent successfully! Close

CVE-2015-8842

Published: 20 April 2016

tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file.

Priority

Low

CVSS 3 base score: 3.3

Status

Package Release Status
systemd
Launchpad, Ubuntu, Debian
Upstream
Released (229-1)
Ubuntu 16.04 ESM (Xenial Xerus) Not vulnerable
(229-4ubuntu1)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(code not present)
Patches:
Upstream: https://github.com/systemd/systemd/commit/afae249efa4774c6676738ac5de6aeb4daf4889f