{"id":"MGASA-2014-0188","summary":"Updated systemd packages fix a buffer overflow","details":"A stack-based buffer overflow was found in systemd-ask-password, a utility\nused to query a system password or passphrase from the user, using a\nquestion message specified on the command line. A local user could this\nflaw to crash the binary or even execute arbitrary code with the\npermissions of the user running the program.\n\nThe systemd packages shipped with Mageia 3 and 4 have been updated to\naddress this vulnerability.\n\nAdditionally, the Mageia 4 packages include various other general\nstability and performance fixed deemed appropriate for the stable\nupdates.\n","modified":"2026-04-16T04:29:08.064471Z","published":"2014-04-23T16:07:45Z","references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0188.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131370.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13219"}],"affected":[{"package":{"name":"systemd","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/systemd?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"195-22.2.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0188.json"}},{"package":{"name":"systemd","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/systemd?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"208-10.5.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0188.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}