oss-sec mailing list archives
Re: CVE-2021-3997: Uncontrolled recursion in systemd's systemd-tmpfiles
From: Sam James <sam () gentoo org>
Date: Tue, 11 Jan 2022 02:55:57 +0000
On 10 Jan 2022, at 18:08, Qualys Security Advisory <qsa () qualys com> wrote: Hi all, We discovered a minor denial of service (an uncontrolled recursion) in systemd-tmpfiles, CVE-2021-3997; the Coordinated Release Date is today (January 10, 2022), and a patch is now available at (many thanks to Zbigniew Jedrzejewski-Szmek for working on this): [snip]
For the benefit of distros: Note that it's been backported in 250.x as 250.2 but there isn't a stable/backport release for 249.x yet. Best, sam
Attachment:
signature.asc
Description: Message signed with OpenPGP
Current thread:
- CVE-2021-3997: Uncontrolled recursion in systemd's systemd-tmpfiles Qualys Security Advisory (Jan 10)
- Re: CVE-2021-3997: Uncontrolled recursion in systemd's systemd-tmpfiles Sam James (Jan 11)
- Re: CVE-2021-3997: Uncontrolled recursion in systemd's systemd-tmpfiles Sam James (Jan 11)
- Re: CVE-2021-3997: Uncontrolled recursion in systemd's systemd-tmpfiles Solar Designer (Feb 18)