%20--%3e%3csvg%20version='1.1'%20id='Layer_1'%20x='0px'%20y='0px'%20viewBox='0%200%20107.30001%20140.79999'%20xml:space='preserve'%20sodipodi:docname='mind_logo_positief.svg'%20width='107.30001'%20height='140.79999'%20xmlns:inkscape='http://www.inkscape.org/namespaces/inkscape'%20xmlns:sodipodi='http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd'%20xmlns='http://www.w3.org/2000/svg'%20xmlns:svg='http://www.w3.org/2000/svg'%3e%3cdefs%20id='defs29'%20/%3e%3csodipodi:namedview%20id='namedview29'%20pagecolor='%23505050'%20bordercolor='%23eeeeee'%20borderopacity='1'%20inkscape:showpageshadow='0'%20inkscape:pageopacity='0'%20inkscape:pagecheckerboard='0'%20inkscape:deskcolor='%23d1d1d1'%3e%3cinkscape:page%20x='0'%20y='0'%20width='107.30001'%20height='140.79999'%20id='page2'%20margin='0'%20bleed='0'%20/%3e%3c/sodipodi:namedview%3e%3cstyle%20type='text/css'%20id='style1'%3e%20.st0{fill:%231F1FA3;}%20.st1{fill:url(%23SVGID_1_);}%20.st2{fill:url(%23SVGID_00000033333245342322421190000001486717665348835473_);}%20.st3{fill:url(%23SVGID_00000075852413222229328580000001131059578544388517_);}%20%3c/style%3e%3cg%20id='g9'%20transform='translate(-21.299999,-20.6)'%3e%3clinearGradient%20id='SVGID_1_'%20gradientUnits='userSpaceOnUse'%20x1='4.8695998'%20y1='142.78'%20x2='99.248901'%20y2='35.348301'%3e%3cstop%20offset='0'%20style='stop-color:%2347EFF0'%20id='stop4'%20/%3e%3cstop%20offset='1'%20style='stop-color:%23297BFF'%20id='stop5'%20/%3e%3c/linearGradient%3e%3crect%20x='21.299999'%20y='64'%20class='st1'%20width='19.9'%20height='97.400002'%20id='rect5'%20style='fill:url(%23SVGID_1_)'%20/%3e%3clinearGradient%20id='SVGID_00000007421653842672228110000012418760815982452352_'%20gradientUnits='userSpaceOnUse'%20x1='23.7796'%20y1='159.3925'%20x2='118.1588'%20y2='51.9608'%3e%3cstop%20offset='0'%20style='stop-color:%2347EFF0'%20id='stop6'%20/%3e%3cstop%20offset='1'%20style='stop-color:%23297BFF'%20id='stop7'%20/%3e%3c/linearGradient%3e%3cpath%20style='fill:url(%23SVGID_00000007421653842672228110000012418760815982452352_)'%20d='M%2072.3,64%20H%2064%20v%2075.2%20H%2085.1%20V%2076.8%20C%2085.1,69.7%2079.4,64%2072.3,64%20Z'%20id='path7'%20/%3e%3clinearGradient%20id='SVGID_00000072986549029232277750000008760038133176911550_'%20gradientUnits='userSpaceOnUse'%20x1='20.501699'%20y1='156.51289'%20x2='114.881'%20y2='49.0812'%3e%3cstop%20offset='0'%20style='stop-color:%2347EFF0'%20id='stop8'%20/%3e%3cstop%20offset='1'%20style='stop-color:%23297BFF'%20id='stop9'%20/%3e%3c/linearGradient%3e%3cpath%20style='fill:url(%23SVGID_00000072986549029232277750000008760038133176911550_)'%20d='M%2073.6,20.6%20H%2064%20v%2019.9%20h%209.6%20c%2019.3,0%2035.1,15.7%2035.1,35.1%20v%2044.3%20h%2019.9%20V%2075.6%20c%200,-30.3%20-24.7,-55%20-55,-55%20z'%20id='path9'%20/%3e%3c/g%3e%3c/svg%3e)
Name
systemd
Version
250.14
Type
library
Description
A System and service manager
Licenses
GPL-2.0-only & LGPL-2.1-only
PURL
-
CPE
cpe:2.3:*:systemd_project:systemd:250.14:*:*:*:*:*:*:*
Other Versions#
Patches#
#
Title
Author
Resolve
1
coredump: use %d in kernel core pattern
=?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
CVE-2025-4598
2
journal: Make sd_journal_previous/next() return 0 at
Daan De Meyer <daan.j.demeyer@gmail.com>
3
implment systemd-sysv-install for OE
Khem Raj <raj.khem@gmail.com>
4
add fallback parse_printf_format implementation
Alexander Kanavin <alex.kanavin@gmail.com>
5
Adjust for musl headers
Khem Raj <raj.khem@gmail.com>
6
core: fix build when seccomp is off
Jonas Gorski <jonas.gorski@bisdn.de>
7
don't fail if GLOB_BRACE and GLOB_ALTDIRFUNC is not defined
Chen Qi <Qi.Chen@windriver.com>
8
basic/macro: add macro to iterate variadic args
Dan Streetman <ddstreet@ieee.org>
9
resolve: Use sockaddr pointer type for bind()
Khem Raj <raj.khem@gmail.com>
10
nspawn: make sure host root can write to the uidmapped mounts
Lennart Poettering <lennart@poettering.net>
11
test-sizeof.c: Disable tests for missing typedefs in musl
Chen Qi <Qi.Chen@windriver.com>
12
binfmt: Don't install dependency links at install time for
Chen Qi <Qi.Chen@windriver.com>
13
Handle __cpu_mask usage
Scott Murray <scott.murray@konsulko.com>
14
add missing FTW_ macros for musl
Chen Qi <Qi.Chen@windriver.com>
15
network: remove only managed configs on reconfigure or
Yu Watanabe <watanabe.yu+github@gmail.com>
16
distinguish XSI-compliant strerror_r from GNU-specifi
Chen Qi <Qi.Chen@windriver.com>
17
Define glibc compatible basename() for non-glibc systems
Khem Raj <raj.khem@gmail.com>
18
Add sys/stat.h for S_IFDIR
Khem Raj <raj.khem@gmail.com>
19
missing_type.h: add comparison_fn_t
Chen Qi <Qi.Chen@windriver.com>
20
pass correct parameters to getdents64
Khem Raj <raj.khem@gmail.com>
21
Do not disable buffering when writing to oom_score_adj
Chen Qi <Qi.Chen@windriver.com>
22
coredump: get rid of _META_MANDATORY_MAX
=?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
23
don't pass AT_SYMLINK_NOFOLLOW flag to faccessat()
Andre McCurdy <armccurdy@gmail.com>
24
do not disable buffer in writing files
Chen Qi <Qi.Chen@windriver.com>
25
missing_syscall.h: Define MIPS ABI defines for musl
Khem Raj <raj.khem@gmail.com>
26
Move sysusers.d/sysctl.d/binfmt.d/modules-load.d to /usr
Khem Raj <raj.khem@gmail.com>
27
avoid redefinition of prctl_mm_map structure
Chen Qi <Qi.Chen@windriver.com>
28
Handle missing gshadow
Alex Kiernan <alex.kiernan@gmail.com>
29
fix missing of __register_atfork for non-glibc builds
Chen Qi <Qi.Chen@windriver.com>
30
Use uintmax_t for handling rlim_t
Chen Qi <Qi.Chen@windriver.com>
31
basic: do not warn in mkdir_p() when parent directory exists
=?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
32
coredump: restore compatibility with older patterns
=?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
33
src/basic/missing.h: check for missing strndupa
Chen Qi <Qi.Chen@windriver.com>
34
network/vlan: drop unnecessary restriction for QoS
Yu Watanabe <watanabe.yu+github@gmail.com>
35
test-json.c: define M_PIl
Chen Qi <Qi.Chen@windriver.com>
Vulnerabilities#
Name
Analysis
Description
Exploitable
In nspawn in systemd 233 through 259 before 260, an escape-to-host action can occur via a crafted optional config file.
Exploitable
In udev in systemd before 260, local root execution can occur via malicious hardware devices and unsanitized kernel output.
Exploitable
systemd, a system and service manager, (as PID 1) hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is not an assert, but stack overwriting, with the attacker controlled content. From version v250 and newer this is not possible as the safety check causes an assert instead. This IPC call was added in v239, so versions older than that are not affected. Versions 260-rc1, 259.2, 258.5, and 257.11 contain patches. No known workarounds are available.
Patched
A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.
A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.
Exploitable
systemd 250 and 251 allows local users to achieve a systemd-coredump deadlock by triggering a crash that has a long backtrace. This occurs in parse_elf_object in shared/elf-util.c. The exploitation methodology is to crash a binary calling the same function recursively, and put it in a deeply nested directory to make its backtrace large enough to cause the deadlock. This must be done 16 times when MaxConnections=16 is set for the systemd/units/systemd-coredump.socket file.
Exploitable
A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.
Exploitable
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.