Your submission was sent successfully! Close

CVE-2018-16866

Published: 11 January 2019

An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.

Priority

Medium

CVSS 3 base score: 3.3

Status

Package Release Status
systemd
Launchpad, Ubuntu, Debian
bionic
Released (237-3ubuntu10.11)
cosmic
Released (239-7ubuntu10.6)
precise Does not exist

trusty Not vulnerable
(code not built)
upstream Needs triage

xenial
Released (229-4ubuntu21.15)