CVE-2018-1049

medium

Description

In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted.

References

Advisories

https://usn.ubuntu.com/3558-1/

https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html

https://bugzilla.redhat.com/show_bug.cgi?id=1534701

https://access.redhat.com/errata/RHSA-2018:0260

http://www.securitytracker.com/id/1041520

Details

Source: Mitre, NVD

Published: 2018-02-16

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00764