Bug 7250 - [Anolis OS 23] Bugfix for CVE-2023-31438
Summary: [Anolis OS 23] Bugfix for CVE-2023-31438
Status: NEW
Alias: None
Product: Anolis OS 23
Classification: Anolis OS
Component: BaseOS Packages (show other bugs) BaseOS Packages
Version: unspecified
Hardware: All Linux
: P3-Medium S3-normal
Target Milestone: ---
Assignee: happy_orange
QA Contact: bolong_tbl
URL:
Whiteboard:
Keywords: CVE
Depends on:
Blocks:
 
Reported: 2023-11-14 15:24 UTC by 小龙
Modified: 2023-11-14 15:24 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description 小龙 admin 2023-11-14 15:24:11 UTC
Description:
** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Broken commit info:

Bugfix commit info: