{"id":"CVE-2023-31438","details":"An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\"","modified":"2026-04-10T04:57:38.309612Z","published":"2023-06-13T17:15:14.707Z","related":["CGA-hc8c-rjw9-ffr8"],"references":[{"type":"ADVISORY","url":"https://github.com/kastel-security/Journald"},{"type":"ADVISORY","url":"https://github.com/systemd/systemd/releases"},{"type":"FIX","url":"https://github.com/systemd/systemd/pull/28886"},{"type":"ARTICLE","url":"https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/systemd/systemd","events":[{"introduced":"0"},{"last_affected":"477fdc5afed0457c43d01f3d7ace7209f81d3995"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"253-NA"}]}}],"versions":["v1","v10","v11","v12","v13","v14","v15","v16","v17","v18","v183","v184","v185","v186","v187","v188","v189","v19","v190","v191","v192","v193","v194","v195","v196","v197","v198","v199","v2","v20","v200","v201","v202","v203","v204","v205","v206","v207","v208","v209","v21","v210","v211","v212","v213","v214","v215","v216","v217","v218","v219","v22","v220","v221","v222","v223","v224","v225","v226","v227","v228","v229","v23","v230","v231","v232","v233","v234","v235","v236","v237","v238","v239","v24","v240","v241","v241-rc1","v241-rc2","v242","v242-rc1","v242-rc2","v242-rc3","v242-rc4","v243","v243-rc1","v243-rc2","v244","v244-rc1","v245","v245-rc1","v245-rc2","v246","v246-rc1","v246-rc2","v247","v247-rc1","v247-rc2","v248","v248-2","v248-rc1","v248-rc2","v248-rc3","v248-rc4","v249","v249-rc1","v249-rc2","v249-rc3","v25","v250","v250-rc1","v250-rc2","v250-rc3","v251","v251-rc1","v251-rc2","v251-rc3","v252","v252-rc1","v252-rc2","v252-rc3","v253","v253-rc1","v253-rc2","v253-rc3","v26","v27","v28","v29","v3","v30","v31","v32","v33","v34","v35","v36","v37","v38","v39","v4","v40","v41","v42","v43","v44","v5","v6","v7","v8","v9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-31438.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}]}