Fixed
Created: Jan 15, 2019
Updated: Mar 19, 2019
Resolved Date: Mar 3, 2019
Found In Version: 8.0.0.28
Fix Version: 8.0.0.30
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.
https://nvd.nist.gov/vuln/detail/CVE-2018-16865
