Synopsis: Moderate: systemd security and bug fix update
Advisory ID: SLSA-2016:2610-1
Issue Date: 2016-11-03
CVE Numbers: CVE-2016-7795
* A flaw was found in the way systemd handled empty notification messages.
A local attacker could use this flaw to make systemd freeze its execution,
preventing further management of system services, system shutdown, or
zombie process collection via systemd. (CVE-2016-7795)
* Previously, the udev device manager automatically enabled all memory
banks on IBM z System installations. As a consequence, hot plug memory was
enabled automatically, which was incorrect. With this update, system
architecture checks have been added to the udev rules to address the
problem. As a result, hot plug memory is no longer automatically enabled.
– Scientific Linux Development Team