Red Hat Product Errata RHSA-2024:3203 - Security Advisory
Issued:
2024-05-22
Updated:
2024-05-22

RHSA-2024:3203 - Security Advisory

Synopsis

Moderate: systemd security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for systemd is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups. In addition, it supports snapshotting and restoring of the system state, maintains mount and automount points, and implements an elaborate transactional dependency-based service control logic. It can also work as a drop-in replacement for sysvinit.

Security Fix(es):

  • systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes (CVE-2023-7008)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.10 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

  • BZ - 2222672 - CVE-2023-7008 systemd-resolved: Unsigned name response in signed zone is not refused when DNSSEC=yes
  • RHEL-18302 - systemd tries to crash, but fails because malloc hangs indefinitely
  • RHEL-22426 - Update list of RHEL specific network naming schemes - RHEL 8.10.0
  • RHEL-2857 - Backport support for RebootKey in systemd-logind
  • RHEL-5863 - systemd-239-31 prevents some units from stopping
  • RHEL-5991 - Systemd-analyze security reports false information

Red Hat Enterprise Linux for x86_64 8

SRPM
systemd-239-82.el8.src.rpm SHA-256: ff195da996166a34499dfcf48ab820830e36655558a755932cf8c88f7173b442
x86_64
systemd-239-82.el8.i686.rpm SHA-256: 6acdb76eece8b8a440e7a3996d7458ff4e881fa8e50bcc931a185cc25ab41df9
systemd-239-82.el8.x86_64.rpm SHA-256: 9a627c9e642cb8f50c74dc66a930a4cc68212d536ad96133d20f70dad526f690
systemd-container-239-82.el8.i686.rpm SHA-256: faf02623669f960ae0b9576b34027afc1b4f4adecd9f2e08b17843ca58dad5a2
systemd-container-239-82.el8.x86_64.rpm SHA-256: 85d1dac90ef7571062928e3b6eb7d7c99cd160f19e9cf97bf624dc698b372251
systemd-container-debuginfo-239-82.el8.i686.rpm SHA-256: 40edaaaa99b60263ea10a295dea925c233dc09c09f7029c6ddbe0cc8d32ecfdf
systemd-container-debuginfo-239-82.el8.x86_64.rpm SHA-256: e31b6abe59ac7a454831fa5d94f7cd57af8486e8d86ed8318e694aba6cb4bbe4
systemd-debuginfo-239-82.el8.i686.rpm SHA-256: 3b412e7bd6d1a58e071f957872d112a3f48e0d80ba54426c25caff2e01c65bed
systemd-debuginfo-239-82.el8.x86_64.rpm SHA-256: 95c8040db80f43637f84fcb95ecb350a14e3a3fb9c101fa0ce9927211dd723a8
systemd-debugsource-239-82.el8.i686.rpm SHA-256: 7fc858d45ed7a26da5e90289957ec94ba916c1755387dd16faeaa5c180193bb1
systemd-debugsource-239-82.el8.x86_64.rpm SHA-256: 48bfdd733929f383137aa538000f9ac264d3cf3494c219e8a975e8d6e9e6cd04
systemd-devel-239-82.el8.i686.rpm SHA-256: 39deb0f3a31ed2b823b3c2d6e55569d59d8c80e12cb1922eb9f6e6d2e9982bb8
systemd-devel-239-82.el8.x86_64.rpm SHA-256: 2cbf332478710ac045fa9196b2c48ede159fcf5612d18ddd71b5a86a3343e05a
systemd-journal-remote-239-82.el8.x86_64.rpm SHA-256: 7e632e6903ca1d2f3c6881cdcee6db95a2f352b24d6b1485c452f32eadbeb636
systemd-journal-remote-debuginfo-239-82.el8.i686.rpm SHA-256: 5c9730c4361472645a16f958873be29cbea106711799d6ab07070499d8db0dc9
systemd-journal-remote-debuginfo-239-82.el8.x86_64.rpm SHA-256: 1f41948991f71fd44c59ecd614edf4af3882e5a139923c380c2c30e543e69f54
systemd-libs-239-82.el8.i686.rpm SHA-256: 978bc8c60a7114615b2806627b9ff0d96a164a65ebb4883bc13ab81a30a11c9b
systemd-libs-239-82.el8.x86_64.rpm SHA-256: faa2b706b471db59aa20c7e9c794228b77578b4449106e8e0053218dec406075
systemd-libs-debuginfo-239-82.el8.i686.rpm SHA-256: 62032f034527f58da4b4c98ea5b5c40404130f76d056ec45f24613c847bf94f5
systemd-libs-debuginfo-239-82.el8.x86_64.rpm SHA-256: 5de005aab77f07b3589b78602989a844e926a733e41fb78fbd7b4cfd1351d0ff
systemd-pam-239-82.el8.x86_64.rpm SHA-256: 5155a6a62956459ddb6968020c6837ca5cfcf89942dcc3578f810f9f72bf2694
systemd-pam-debuginfo-239-82.el8.i686.rpm SHA-256: 0e932e176e201b07f4cea386c73c2cb4405558f84794ccac986af504770ae85f
systemd-pam-debuginfo-239-82.el8.x86_64.rpm SHA-256: 2c44057297254ecdf351f2a0ff4431e9f861da21cc52007b7cce2cb1db4ac273
systemd-tests-239-82.el8.x86_64.rpm SHA-256: c89093f6ef634664ae933872bc60408a3f1901f020c9d752c623120733adb1ec
systemd-tests-debuginfo-239-82.el8.i686.rpm SHA-256: ff464f26e305eb7fe0ca1591f6daccc35b19aa611467ffdebfc0dceb101989bc
systemd-tests-debuginfo-239-82.el8.x86_64.rpm SHA-256: 2f688fa1a5ee151a90958b4a22d7d1980afbf983d72797da15302f73290c7117
systemd-udev-239-82.el8.x86_64.rpm SHA-256: a451b956f99f38f4e57e8313a3ccf2f0ebd796ec160fa8df04f27782464fb521
systemd-udev-debuginfo-239-82.el8.i686.rpm SHA-256: 42af8e4a046a2e951f4ca3be14330d2d7e4b00d326cc0a0bf5568cf813ea2794
systemd-udev-debuginfo-239-82.el8.x86_64.rpm SHA-256: d774bab72aa8b528d41b3cc83db686c1f9ead3927293e6623a50eb49792bf506

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
systemd-239-82.el8.src.rpm SHA-256: ff195da996166a34499dfcf48ab820830e36655558a755932cf8c88f7173b442
s390x
systemd-239-82.el8.s390x.rpm SHA-256: 3451d2d14b0f88488541b1841b74e371069b858f63a2015c996a7f5eb5fd9022
systemd-container-239-82.el8.s390x.rpm SHA-256: af18c4543b59f0aef442388b2476c550dc303b66e2c98385a4bcabf8a2091be3
systemd-container-debuginfo-239-82.el8.s390x.rpm SHA-256: 488c65770b2bad2729d8a1fd15422edbb9a22701b1ab6bb65a8dcd1e9f91b381
systemd-debuginfo-239-82.el8.s390x.rpm SHA-256: 24512b787df8278a340b88e18f948eb5c53fe9f3220b685017a5f46b2b3e5d9d
systemd-debugsource-239-82.el8.s390x.rpm SHA-256: 55d54515aead701baa7fb11841e07e7396ea2861166a286e1903f65bc97e4ec6
systemd-devel-239-82.el8.s390x.rpm SHA-256: bc6c0dad1204876e385b483fd1165d84859c02ce10cbfe20ceb8c36a8d820ef3
systemd-journal-remote-239-82.el8.s390x.rpm SHA-256: 454fea12dfe1e2bc186eff633352309899ed6c25c90af094e17d516f48a8e9ae
systemd-journal-remote-debuginfo-239-82.el8.s390x.rpm SHA-256: d46fc6fb2d02139b8dd72c792bbdd5403ce52a4bed084176ff26cc20b1e33d06
systemd-libs-239-82.el8.s390x.rpm SHA-256: b170251c5529eb56dd898ebc1ca2c740b35e173e3f87133fe22f593452ad9ba3
systemd-libs-debuginfo-239-82.el8.s390x.rpm SHA-256: f3730e96d42f6de432a924194701391c2e584048354486e8ab0ae0d51e766502
systemd-pam-239-82.el8.s390x.rpm SHA-256: c16e4af6fd606abac1dc7d04944f11508d6e6681b2f9f06a9f5847cd87c532bf
systemd-pam-debuginfo-239-82.el8.s390x.rpm SHA-256: 9edd83292af00b05d8abffe4e9117272b2f4705e5da0afeb184fdff489e5facc
systemd-tests-239-82.el8.s390x.rpm SHA-256: e5ac1420441c9f46e3152b824f163d47242896caf22c1f2ccdb3f9f35e5c320b
systemd-tests-debuginfo-239-82.el8.s390x.rpm SHA-256: c7d4fb61d32922580708f71ae26737d70bc82ea2d4661ac2465305e80cbf6790
systemd-udev-239-82.el8.s390x.rpm SHA-256: 57a8f6216a4413964f7e08bf8867908ae9b12c76c93d7b0e61101282837afa16
systemd-udev-debuginfo-239-82.el8.s390x.rpm SHA-256: 928fe7bb0005f22124ac5447febb0d13b384d35d3172ec771d89fd4738b98e5d

Red Hat Enterprise Linux for Power, little endian 8

SRPM
systemd-239-82.el8.src.rpm SHA-256: ff195da996166a34499dfcf48ab820830e36655558a755932cf8c88f7173b442
ppc64le
systemd-239-82.el8.ppc64le.rpm SHA-256: 347bda66fd0242abc6d91eeffc49bdc712bb80f26c55ed0f4b448f06ecd9a188
systemd-container-239-82.el8.ppc64le.rpm SHA-256: 0e2cdaba76b21d0667ddd1c00316f1d2fb4cc77ab03045046bc3d8be934b6089
systemd-container-debuginfo-239-82.el8.ppc64le.rpm SHA-256: 3af0005bb8f96fd038bc144d3890c314642ed912b0d4515a5160ff0ae00c5f32
systemd-debuginfo-239-82.el8.ppc64le.rpm SHA-256: ca168d7465e6fbfceee6ccc863e737aa3544b3da54f10bf8fa401d4ea9d4ef74
systemd-debugsource-239-82.el8.ppc64le.rpm SHA-256: 0c2aa465cd1ff0cf389c8a292b3bbff35f5f7de4d02bdca1f11ee9b22e9055f1
systemd-devel-239-82.el8.ppc64le.rpm SHA-256: f79b14d894638b6bae56d9c7922e5973f20824db4284f83f0b6582e1c007fb0e
systemd-journal-remote-239-82.el8.ppc64le.rpm SHA-256: 2d6047c15c909838c21b6479740faa4edebac0e887d17790efaa24e4921f1e95
systemd-journal-remote-debuginfo-239-82.el8.ppc64le.rpm SHA-256: 7720792ec6525e0e9236a3badeff7cab0c71b068affe64c939e09e7fe6acefc1
systemd-libs-239-82.el8.ppc64le.rpm SHA-256: 732098b5e724169584db7a2c2c0d5164519c1a89bc3bed2004f841d91dca9b64
systemd-libs-debuginfo-239-82.el8.ppc64le.rpm SHA-256: 86a91ed9cf058ed95ab47bc8908ee270d555fec31870ea9257e6e29db45cee29
systemd-pam-239-82.el8.ppc64le.rpm SHA-256: a5cf945db1083bb595641794bacd615719c9b941a3f166d49aee20655fcbe129
systemd-pam-debuginfo-239-82.el8.ppc64le.rpm SHA-256: da68f8f84a1da4648d7be7c85ac1ff9b01b1212574c9a497e121d831eca36216
systemd-tests-239-82.el8.ppc64le.rpm SHA-256: c0727176e57c6f5c8312bf4781a1262922ecf91fa38f2a7e0f0115280e3847a8
systemd-tests-debuginfo-239-82.el8.ppc64le.rpm SHA-256: c1c447214b6d37536ce650af27980cb166cc7398727827c31238b5b0c2499547
systemd-udev-239-82.el8.ppc64le.rpm SHA-256: 820529b644a3b09d994071f3a5e51e84099b98e0bccd0e79d9d5468235a8b966
systemd-udev-debuginfo-239-82.el8.ppc64le.rpm SHA-256: 941d17a127b7b272ae63c716ecc60d00dd647ab8dd3c37315cbb603d9fa44f40

Red Hat Enterprise Linux for ARM 64 8

SRPM
systemd-239-82.el8.src.rpm SHA-256: ff195da996166a34499dfcf48ab820830e36655558a755932cf8c88f7173b442
aarch64
systemd-239-82.el8.aarch64.rpm SHA-256: 3c0d567b36e48a1e52d9c9ac2021c680a22cb96621e09e0740a0afd830296035
systemd-container-239-82.el8.aarch64.rpm SHA-256: 834fe866883cdac28d963373b7a53973f4f7fd76de510430963b227353afed4e
systemd-container-debuginfo-239-82.el8.aarch64.rpm SHA-256: 89c73c8896633403b058d68093b0062edc9b1686d7b530dd29704e266ad84f59
systemd-debuginfo-239-82.el8.aarch64.rpm SHA-256: 91dc6c01d930c006d768b1429c95369a29d25a84372a6d374e21b15bbeca8f21
systemd-debugsource-239-82.el8.aarch64.rpm SHA-256: a49e68ada025622be07600eed16d18d697bc241bab75663433b4b5f14ee97363
systemd-devel-239-82.el8.aarch64.rpm SHA-256: 83e65a3ee402a5d44a0c697eb066cb46d24cc7245956ff572be533596512d8ef
systemd-journal-remote-239-82.el8.aarch64.rpm SHA-256: 380aa46f854118aee454277e126127b61137d9d05e5cca75bcfb7e3892011a57
systemd-journal-remote-debuginfo-239-82.el8.aarch64.rpm SHA-256: 66e23627bed24d229090fb217592365fac87b53c01d8ddd295e5dde05ee0c9ed
systemd-libs-239-82.el8.aarch64.rpm SHA-256: 1ebbddac905fc9989c4036485ca5c6ad3054d81ec5f4030b16c33e29d48cb43a
systemd-libs-debuginfo-239-82.el8.aarch64.rpm SHA-256: a932b0e5a1e4d634c4112ae8032e5b34e7a4e3f2546d61e1e6423f6e91b75a2f
systemd-pam-239-82.el8.aarch64.rpm SHA-256: 4127d0e4c2542d9587cb3627c7ef5e243f3268afb0b022aaa3be602830815c4e
systemd-pam-debuginfo-239-82.el8.aarch64.rpm SHA-256: a6e43eb987322ef6cfe0a8250bba0635fd8bf0f336e18ada9032e2a3117a9972
systemd-tests-239-82.el8.aarch64.rpm SHA-256: d21e71bcad99ea06f3791a72cf4ae742563227802552be85969c7829e7ebe7de
systemd-tests-debuginfo-239-82.el8.aarch64.rpm SHA-256: 95096446450d2a7c4c29b5081fe299b8b0e1a12e204bdeb371bd84f1ca29e2cc
systemd-udev-239-82.el8.aarch64.rpm SHA-256: 75d90096035695768217b0d61b14604d23de02001004c9365fc8b55ca8f59589
systemd-udev-debuginfo-239-82.el8.aarch64.rpm SHA-256: e6c5be017d7cc86b398da2ea9ccdb9c044581ffc0703f194b74a59a2ac45f250

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.