SUSE Support

Here When You Need Us

Security vulnerability : systemd-journal aka CVE-2018-16864, CVE-2018-16865 & CVE-2018-16866

This document (7023611) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 15

Situation

SUSE received a detailed report by Qualys about three vulnerabilities that were discovered in systemd-journald :

  • CVE-2018-16864: Memory corruptions via attacker-controlled alloca()s
This is exploitable since v230 and does affect SUSE Linux Enterprise 15. SUSE Linux Enterprise 15 is compiled with -fstack-clash-protection which mitigates this issue. As such, this is not exploitable there, but fixes will be released with the next regular update anyway.
  • CVE-2018-16865: Memory corruptions via attacker-controlled alloca()s
SUSE Linux Enterprise 12 and SUSE Linux Enterprise 15 are affected, but -fstack-clash-protection mitigates this issue on SLES 12 SP2, SP3, SP4 and SLE15. 
For SLE12 GA LTSS and SLE12 SP1 LTSS, SUSE released updates to fix this issue. 
For the other products SUSE will release the fix with the next regular update.
  • CVE-2018-16866: Information leak via an out-of-bounds read
SUSE Linux Enterprise 12 and SUSE Linux Enterprise 15 are affected. This is fixed for SLE12 GA LTSS and SLE12 SP1 LTSS in the current update round. For the other products we will release the fix with the next regular update since this is considered a minor issue.

Resolution

SUSE has already released updates to address this issue, or is in the process of releasing updates pending validation by QA.

Cause

CVE-2018-16864

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7023611
  • Creation Date: 03-Jan-2019
  • Modified Date:03-Mar-2020
    • SUSE Linux Enterprise Server

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

tick icon

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community
tick icon

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

Support FAQ
tick icon

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center