Race Condition in systemd

Do your applications use this vulnerable package? Test your applications

Overview

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

References

Debian Security Tracker
Exploit DB
Gentoo Security Advisory
GitHub Commit
Security Focus
Ubuntu CVE Tracker
Ubuntu Security Advisory

Attack Vector

Local
Attack Complexity

High
Privileges Required

Low
User Interaction

None
Scope

Unchanged
Confidentiality

None
Integrity

High
Availability

None

CVE: CVE-2018-15687
CWE: CWE-362
Snyk ID: SNYK-UBUNTU1604-SYSTEMD-305110
Disclosed: 26 Oct, 2018
Published: 28 Oct, 2018

Race Condition
Affecting systemd package, versions <229-4ubuntu21.8

Overview

References

CVSS Score

Race Condition Affecting systemd package, versions <229-4ubuntu21.8

Overview

References

Race Condition
Affecting systemd package, versions <229-4ubuntu21.8