CVE-2018-1049

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted.

References

http://www.securitytracker.com/id/1041520

https://access.redhat.com/errata/RHSA-2018:0260

https://bugzilla.redhat.com/show_bug.cgi?id=1534701

https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html

https://usn.ubuntu.com/3558-1/

Details

Source: MITRE

Published: 2018-02-16

Updated: 2019-10-09

Type: CWE-362

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM

Tenable Plugins

View all (17 total)

IDNameProductFamilySeverity
131856EulerOS 2.0 SP2 : systemd (EulerOS-SA-2019-2364)NessusHuawei Local Security Checks
high
127166NewStart CGSL MAIN 5.04 : systemd Vulnerability (NS-SA-2019-0014)NessusNewStart CGSL Local Security Checks
medium
124915EulerOS Virtualization for ARM 64 3.0.1.0 : systemd (EulerOS-SA-2019-1412)NessusHuawei Local Security Checks
critical
121972Photon OS 2.0: Systemd PHSA-2018-2.0-0076NessusPhotonOS Local Security Checks
medium
121866Photon OS 1.0: Systemd PHSA-2018-1.0-0167NessusPhotonOS Local Security Checks
critical
119039Debian DLA-1580-1 : systemd security updateNessusDebian Local Security Checks
critical
117552EulerOS Virtualization 2.5.0 : systemd (EulerOS-SA-2018-1243)NessusHuawei Local Security Checks
medium
111960Photon OS 2.0: Blktrace / Systemd / Vim PHSA-2018-2.0-0076 (deprecated)NessusPhotonOS Local Security Checks
medium
111946Photon OS 1.0: Blktrace / Libmspack / Ntp / Openjdk / Perl / Systemd / Vim PHSA-2018-1.0-0167 (deprecated)NessusPhotonOS Local Security Checks
critical
109129Amazon Linux 2 : systemd (ALAS-2018-961)NessusAmazon Linux Local Security Checks
medium
106620Ubuntu 14.04 LTS / 16.04 LTS : systemd vulnerabilities (USN-3558-1)NessusUbuntu Local Security Checks
high
106571Oracle Linux 7 : systemd (ELSA-2018-0260)NessusOracle Linux Local Security Checks
medium
106566CentOS 7 : systemd (CESA-2018:0260)NessusCentOS Local Security Checks
medium
106554Scientific Linux Security Update : systemd on SL7.x x86_64 (20180131)NessusScientific Linux Local Security Checks
medium
106553RHEL 7 : systemd (RHSA-2018:0260)NessusRed Hat Local Security Checks
medium
106548openSUSE Security Update : systemd (openSUSE-2018-117)NessusSuSE Local Security Checks
high
106529SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2018:0299-1)NessusSuSE Local Security Checks
high