SUSE-SU-2019:1364-1

Description

Security update for systemd This update for systemd fixes the following issues: Security issues fixed: - CVE-2019-3842: Fixed a privilege escalation in pam_systemd which could be exploited by a local user (bsc#1132348). - CVE-2019-6454: Fixed a denial of service via crafted D-Bus message (bsc#1125352). - CVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where services with DynamicUser could gain new privileges or create SUID/SGID binaries (bsc#1133506, bsc#1133509). Non-security issued fixed: - logind: fix killing of scopes (bsc#1125604) - namespace: make MountFlags=shared work again (bsc#1124122) - rules: load drivers only on 'add' events (bsc#1126056) - sysctl: Don't pass null directive argument to '%s' (bsc#1121563) - systemd-coredump: generate a stack trace of all core dumps and log into the journal (jsc#SLE-5933) - udevd: notify when max number value of children is reached only once per batch of events (bsc#1132400) - sd-bus: bump message queue size again (bsc#1132721) - Do not automatically online memory on s390x (bsc#1127557) - Removed sg.conf (bsc#1036463)

Affected Systems

• suse•systemd&distro=SUSE Linux Enterprise Module for Basesystem 15

  < 234-24.30.1

References (19)

• https://www.suse.com/support/update/announcement/2019/suse-su-20191364-1/
• https://bugzilla.suse.com/1036463
• https://bugzilla.suse.com/1121563
• https://bugzilla.suse.com/1124122
• https://bugzilla.suse.com/1125352
• https://bugzilla.suse.com/1125604
• https://bugzilla.suse.com/1126056
• https://bugzilla.suse.com/1127557
• https://bugzilla.suse.com/1130230
• https://bugzilla.suse.com/1132348
• https://bugzilla.suse.com/1132400
• https://bugzilla.suse.com/1132721
• https://bugzilla.suse.com/1133506
• https://bugzilla.suse.com/1133509
• https://www.suse.com/security/cve/CVE-2019-3842
• https://www.suse.com/security/cve/CVE-2019-3843
• https://www.suse.com/security/cve/CVE-2019-3844
• https://www.suse.com/security/cve/CVE-2019-6454
• https://bugzilla.suse.com/SLE-5933