A set of systemd-journald exploits

Qualys has sent out a security advisory describing three stack-overrunvulnerabilities in systemd-journald. "We developed an exploit for CVE-2018-16865 and CVE-2018-16866 thatobtains a local root shell in 10 minutes on i386 and 70 minutes onamd64, on average. We will publish our exploit in the near future.To the best of our knowledge, all systemd-based Linux distributions arevulnerable, but SUSE Linux Enterprise 15, openSUSE Leap 15.0, and Fedora28 and 29 are not exploitable because their user space is compiled withGCC's -fstack-clash-protection."