USN-5013-2: systemd vulnerabilities
20 July 2021
Several security issues were fixed in systemd.
Releases
Packages
- systemd - system and service manager
Details
USN-5013-1 fixed several vulnerabilities in systemd. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that systemd incorrectly handled certain mount paths. A
local attacker could possibly use this issue to cause systemd to crash,
resulting in a denial of service. (CVE-2021-33910)
Mitchell Frank discovered that systemd incorrectly handled DHCP FORCERENEW
packets. A remote attacker could possibly use this issue to reconfigure
servers. (CVE-2020-13529)
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04
-
systemd
-
229-4ubuntu21.31+esm1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make all
the necessary changes.
References
Related notices
- USN-5013-1: libnss-myhostname, systemd-container, libsystemd0, libudev1, libudev-dev, libpam-systemd, libsystemd-dev, libnss-systemd, udev, systemd-sysv, systemd-journal-remote, systemd-coredump, systemd, libudev1-udeb, systemd-tests, libnss-resolve, udev-udeb, systemd-timesyncd, libnss-mymachines