View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-16865 severity important: SUSE including 688 source package names (0.1.0:libsystemd0-234-24.20.1, 0.1.0:libudev1-234-24.20.1, …), 1417 product×package rows across 216 product lines (Container caasp/v4/389-ds, Container caasp/v4/busybox, … (216 product lines)): Fixed 1260, Known Affected 157.
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable.