|Related CVEs||CVE-2018-1049 CVE-2018-15686|
Jann Horn of Google discovered a vulnerability in unit_deserialize of systemd that allows a local attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation.
In systemd exists a race condition between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted.
For Debian 7 Wheezy, these problems have been fixed in version 44-11+deb7u6.
We recommend that you upgrade your systemd packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/