Amazon Linux 2 : systemd (ALAS-2019-1141)
Medium Nessus Plugin ID 121050
SynopsisThe remote Amazon Linux 2 host is missing a security update.
DescriptionLarge syslogd messages sent to journald can cause stack corruption, causing journald to crash. The version of systemd on Amazon Linux 2 is not vulnerable to privilege escalation in this case. (CVE-2018-16864)
Large native messages to journald can cause stack corruption, leading to possible local privilege escalation.(CVE-2018-16865)
Please note, if you have systemd-journald-remote configured over http, then you could be open to remote escalation on previous versions of the systemd package. The systemd-journald-remote service is not installed by default on Amazon Linux 2, and when installed and enabled, the default configuration is to use https. (CVE-2018-16865)
An out-of-bounds read in journald, triggered by a specially crafted message, can be used to leak information through the journal file (CVE-2018-16866)
SolutionRun 'yum update systemd' then reboot your instance, to update your system.