Announcement

Collapse
No announcement yet.

CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866

    Are we safe against the recent vulnerabilities with root escalation :
    CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866

    That affects RedHat 7, and others?

    Thanks.
    Hostking | Since 2013 | Web Hosting | WordPress Web Hosting
    Tags: None
  • #2
    Hello,

    According to this thread:
    cve-details
    https://access.redhat.com/security/cve/cve-2018-16865

    This issue affects the versions of systemd as shipped with Red Hat Enterprise Linux 7.
    Well import the fix for CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 into our repositories once RH releases it.
    Please stay tuned to our blog to be aware of latest updates: http://cloudlinux.com/blog

    Comment

    • #3
      Patches are now released upstream. See attached errata from RH.

      Comment

      • #4
        CVE-2018-16865, and CVE-2018-16866 , , ,

        Facing this is from last months, any solution??

        Comment

        • #5
          Hi,

          > CVE-2018-16865, and CVE-2018-16866

          The first CVE is already included in our updates. Unfortunately, the second one, CVE-2018-16866 is still not resolved by the upstream (RHEL). We will release it as soon as the fix becomes available.

          Comment

          • #6
            Ive just come across the file about systemd-journald exploit produced by Qualys but cant download it - my antivirus is blocking the process and the message about malware intrusion is appearing.
            Is Red Hat Enterprise Linux 8 affected as well?
            The file source:
            https://System Down: A systemd-journ... syndicated to essay cheap journal demonstrates the vulnerabilities

            Comment

            • #7
              Hello Grant,

              Not sure that we could help you with the RHEL8, as we dont support that, Im afraid. Usually, the CVEs are being patched by RHEL, so if you have their OS installed, you should be able to get the latest security updates via usual "yum update".
              If you have any security concerns or troubles with updating the packages on your CloudLinux system, please reach out to us here:
              https://[https://cloudlinux.zendesk....s/requests/new
              Thanks.](https://cloudlinux.zendesk.com/hc/en-us/requests/new)

              Comment

              Previous template Next
              Working...
              X