Announced 23 July 2021

Updated 23 September 2021 (IGEL OS 11.06.100 is now available)

CVSS 3.1 Score: 8.8 (High)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Summary

A local denial of service vulnerability affects the following IGEL products:

  • IGEL OS 11
  • IGEL OS 10

Details

A research team from Qualys has discovered a vulnerability in systemd (CVE-2021-33910). An unprivileged local user can exploit it to crash systemd and the whole operating system (kernel panic).

Update Instructions

  • IGEL OS 11: Upgrade to IGEL OS 11.06.100
  • IGEL OS 10: Upgrade to IGEL OS 11

Mitigation

References