CVE-2023-31437

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-31437

CGA ID

CGA-5cpj-mmg6-5h3v

Severity

Unknown

Description

An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

References

https://images.chainguard.dev/security/CGA-5cpj-mmg6-5h3v
https://github.com/advisories/GHSA-9mv8-4v9g-hm48
https://github.com/kastel-security/Journald
https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf
https://github.com/systemd/systemd/releases
https://security-tracker.debian.org/tracker/CVE-2023-31437

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2023-31437

Severity

Description

References

Affected packages

Products

Why Chainguard

Customers

Company

Resources