I am impressed at the quick rollout of the fix for systemd (CVE-2021-33910), which I applied to my Rocky servers yesterday.
Thanks!
Iain W
Hi!
Just converted my CentOS 8.4 server to Rocky Linux 8.4 but can't seem to see CVE-2021-33910 in the kernel change log:
[root@ictmattm2 ~]# cat /etc/rocky-release ; uname -a; rpm -q kernel-4.18.0-305.10.2.el8_4.x86_64 --changelog | grep CVE-2021
Rocky Linux release 8.4 (Green Obsidian)
Linux ictmattm2.scidom.de 4.18.0-305.10.2.el8_4.x86_64 #1 SMP Tue Jul 20 20:34:55 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Am I querying incorrectly?
Best,
JojoE
Hi
Thanks for raising this question. This is how I did it.
[root@rocky8t01 ~]# yum update systemd && rpm -q systemd --changelog |grep CVE-2021
- basic/unit-name: do not use strdupa() on a path (CVE-2021-33910, #1974699)
[root@rocky8t01 ~]# rpm -qi systemd
Name : systemd
Version : 239
Release : 45.el8_4.2
Architecture: x86_64
Install Date: Thu 29 Jul 2021 07:42:46 AM CDT
Group : Unspecified
Size : 11200172
License : LGPLv2+ and MIT and GPLv2+
Signature : RSA/SHA256, Tue 20 Jul 2021 04:07:35 PM CDT, Key ID 15af5dac6d745a60
Source RPM : systemd-239-45.el8_4.2.src.rpm
Build Date : Tue 20 Jul 2021 03:59:25 PM CDT
Build Host : ord1-prod-x86build002.svc.aws.rockylinux.org
Relocations : (not relocatable)
Packager : infrastructure@rockylinux.org
Vendor : Rocky
URL : systemd
Summary : System and Service Manager
Description :
systemd is a system and service manager that runs as PID 1 and starts
the rest of the system. It provides aggressive parallelization
capabilities, uses socket and D-Bus activation for starting services,
offers on-demand starting of daemons, keeps track of processes using
Linux control groups, maintains mount and automount points, and
implements an elaborate transactional dependency-based service control
logic. systemd supports SysV and LSB init scripts and works as a
replacement for sysvinit. Other parts of this package are a logging daemon,
utilities to control basic system configuration like the hostname,
date, locale, maintain a list of logged-in users, system accounts,
runtime directories and settings, and daemons to manage simple network
configuration, network time synchronization, log forwarding, and name
resolution.
[root@rocky8t01 ~]#
Of course, CVE-2021-33910 was a systemd vulnerability.
Just checked this package and can verify that this is addressed as per changelog:
[root@ictmattm2 ~]# rpm -qa | grep systemd
systemd-239-45.el8_4.2.x86_64
[root@ictmattm2 ~]# rpm -q systemd-239-45.el8_4.2.x86_64 --changelog | grep CVE-2021
Many thanks for the clarification.
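
Added example, not written by any poster in this thread: the check discussed above, generalized so it reports which changelog entry names the CVE and can scan every installed package instead of one guessed package (here, the kernel query comes back empty). The function names, the sample changelog headers and the older sample entries are constructed for illustration; only the CVE change line and the 239-45.el8_4.2 release come from the thread.

```shell
#!/bin/sh
# Added example (not from the thread): find which changelog entry names a CVE.

# cve_entries CVE [LABEL]: read `rpm -q --changelog` text on stdin and print
# "LABEL: <entry header> | <change line>" for each change line naming the CVE.
cve_entries() {
    awk -v cve="$1" -v label="${2:-stdin}" '
        /^\* / { header = substr($0, 3); next }    # "* date packager - version"
        index($0, cve) { print label ": " header " | " $0 }
    '
}

# packages_fixing CVE: scan every installed package (requires rpm) so the
# answer does not depend on guessing the affected package first.
packages_fixing() {
    rpm -qa --qf '%{NAME}\n' | sort -u | while read -r pkg; do
        rpm -q --changelog "$pkg" | cve_entries "$1" "$pkg"
    done | sort -u
}

# Constructed sample changelogs; headers and the older entries are illustrative.
sample_systemd_changelog() {
    cat <<'EOF'
* Tue Jul 20 2021 Constructed Packager <packager@example.invalid> - 239-45.el8_4.2
- basic/unit-name: do not use strdupa() on a path (CVE-2021-33910, #1974699)

* Mon Jan 04 2021 Constructed Packager <packager@example.invalid> - 0-0.constructed
- constructed older entry with no CVE reference
EOF
}

sample_kernel_changelog() {
    cat <<'EOF'
* Tue Jul 20 2021 Constructed Packager <packager@example.invalid> - 0-0.constructed
- constructed kernel entry with no reference to the systemd issue
EOF
}

# Demo on the constructed samples: the kernel query prints nothing.
sample_kernel_changelog  | cve_entries CVE-2021-33910 kernel
sample_systemd_changelog | cve_entries CVE-2021-33910 systemd
```

On a live host, `packages_fixing CVE-2021-33910` walks all installed packages and can take a while on systems with many packages.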