Incorrect Privilege Assignment in systemd

Do your applications use this vulnerable package? Test your applications

Overview

It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.

References

Debian Security Tracker
Fedora Security Update
Netapp Security Advisory
RedHat Bugzilla Bug
Security Focus
UBUNTU
Ubuntu CVE Tracker

Attack Vector

Local
Attack Complexity

Low
Privileges Required

Low
User Interaction

None
Scope

Unchanged
Confidentiality

High
Integrity

High
Availability

High

CVE: CVE-2019-3843
CWE: CWE-266
Snyk ID: SNYK-UBUNTU1804-SYSTEMD-345433
Disclosed: 26 Apr, 2019
Published: 26 Apr, 2019

Incorrect Privilege Assignment
Affecting systemd package, versions <237-3ubuntu10.38

Overview

References

CVSS Score

Incorrect Privilege Assignment Affecting systemd package, versions <237-3ubuntu10.38

Overview

References

Incorrect Privilege Assignment
Affecting systemd package, versions <237-3ubuntu10.38