SystemD bug fix

I am impressed at the quick rollout of the fix for SystemD ( CVE-2021-33910 ) which I applied to my Rocky servers yesterday.

Iain W


Hi !
Just converted my CentOS 8.4 server to Rocky Linux 8.4 but can’t seem to see CVE-2021-33910
on kernel change log

[root@ictmattm2 ~]# cat /etc/rocky-release ; uname -a; rpm -q kernel-4.18.0-305.10.2.el8_4.x86_64 --changelog | grep CVE-2021
Rocky Linux release 8.4 (Green Obsidian)
Linux 4.18.0-305.10.2.el8_4.x86_64 #1 SMP Tue Jul 20 20:34:55 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

  • seq_file: Disallow extremely large seq buffer allocations (Ian Kent) [1975181 1975182] {CVE-2021-33909}
  • bluetooth: eliminate the potential race condition when removing the HCI controller (Gopal Tiwari) [1971464 1971488] {CVE-2021-32399}
  • Bluetooth: verify AMP hci_chan before amp_destroy (Gopal Tiwari) [1962544 1962546] {CVE-2021-33034}
  • scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [1930833] {CVE-2021-27365}
  • scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [1930856] {CVE-2021-27363}
  • scsi: iscsi: Restrict sessions and handles to admin capabilities (Chris Leech) [1930809] {CVE-2021-27364}
  • net/vmw_vsock: fix NULL pointer dereference (Jon Maloy) [1925600] {CVE-2021-26708}
  • net/vmw_vsock: improve locking in vsock_connect_timeout() (Jon Maloy) [1925600] {CVE-2021-26708}
  • vsock: fix locking in vsock_shutdown() (Jon Maloy) [1925600] {CVE-2021-26708}
  • vsock: fix the race conditions in multi-transport support (Jon Maloy) [1925600] {CVE-2021-26708}
  • [netdrv] tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS (Antoine Tenart) [1919364 1917563] {CVE-2021-0342}
  • [netdrv] tun: correct header offsets in napi frags mode (Antoine Tenart) [1919364 1917563] {CVE-2021-0342}

Am I querying incorrectly?


Thanks for raising this question. This is how I did it.

[root@rocky8t01 ~]# yum update systemd && rpm -q systemd --changelog |grep CVE-2021

  • basic/unit-name: do not use strdupa() on a path (CVE-2021-33910, #1974699)
    [root@rocky8t01 ~]# rpm -qi systemd
    Name : systemd
    Version : 239
    Release : 45.el8_4.2
    Architecture: x86_64
    Install Date: Thu 29 Jul 2021 07:42:46 AM CDT
    Group : Unspecified
    Size : 11200172
    License : LGPLv2+ and MIT and GPLv2+
    Signature : RSA/SHA256, Tue 20 Jul 2021 04:07:35 PM CDT, Key ID 15af5dac6d745a60
    Source RPM : systemd-239-45.el8_4.2.src.rpm
    Build Date : Tue 20 Jul 2021 03:59:25 PM CDT
    Build Host :
    Relocations : (not relocatable)
    Packager :
    Vendor : Rocky
    URL : systemd
    Summary : System and Service Manager
    Description :
    systemd is a system and service manager that runs as PID 1 and starts
    the rest of the system. It provides aggressive parallelization
    capabilities, uses socket and D-Bus activation for starting services,
    offers on-demand starting of daemons, keeps track of processes using
    Linux control groups, maintains mount and automount points, and
    implements an elaborate transactional dependency-based service control
    logic. systemd supports SysV and LSB init scripts and works as a
    replacement for sysvinit. Other parts of this package are a logging daemon,
    utilities to control basic system configuration like the hostname,
    date, locale, maintain a list of logged-in users, system accounts,
    runtime directories and settings, and daemons to manage simple network
    configuration, network time synchronization, log forwarding, and name
    [root@rocky8t01 ~]#

Of course , CVE-2021-33910 was a systemd vulnerability.
Just checked this package and can verify that this is addressed as per changelog

[root@ictmattm2 ~]# rpm -qa | grep systemd
root@ictmattm2 ~]# rpm -q systemd-239-45.el8_4.2.x86_64 --changelog | grep CVE-2021

  • basic/unit-name: do not use strdupa() on a path (CVE-2021-33910, #1974699)

Many thanks for the clarification

1 Like