kastel-security/Journald

kastel-security/Journald

Releases0

Stars1

Three Vulnerabilities in Journald Forward Secure Log Sealing

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-31437 ↗	Jun 13, 2023Tuesday, 13 June 2023, 17:15	5.3 MEDIUM	—
An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."
CVE-2023-31438 ↗	Jun 13, 2023Tuesday, 13 June 2023, 17:15	5.3 MEDIUM	—
An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."
CVE-2023-31439 ↗	Jun 13, 2023Tuesday, 13 June 2023, 17:15	5.3 MEDIUM	—
An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."