CVE-2018-15686

high

Description

A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.

References

https://github.com/systemd/systemd/pull/10519

http://www.securityfocus.com/bid/105747

https://www.exploit-db.com/exploits/45714/

https://security.gentoo.org/glsa/201810-10

https://usn.ubuntu.com/3816-1/

https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html

https://access.redhat.com/errata/RHSA-2019:2091

https://access.redhat.com/errata/RHSA-2019:3222

https://access.redhat.com/errata/RHSA-2020:0593

https://lists.apache.org/thread.html/[email protected]%3Cissues.bookkeeper.apache.org%3E

https://www.oracle.com//security-alerts/cpujul2021.html

Details

Source: MITRE

Published: 2018-10-26

Updated: 2021-07-28

Type: CWE-502

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

| ID | Name | Product | Family | Severity |
| --- | --- | --- | --- | --- |
| 150993 | Amazon Linux 2 : systemd (ALAS-2021-1647) | Nessus | Amazon Linux Local Security Checks | high |
| 149869 | Amazon Linux 2 : systemd (ALAS-2021-1643) (deprecated) | Nessus | Amazon Linux Local Security Checks | critical |
| 135613 | EulerOS Virtualization 3.0.2.2 : systemd (EulerOS-SA-2020-1451) | Nessus | Huawei Local Security Checks | high |
| 135087 | RHEL 7 : systemd (RHSA-2020:1264) | Nessus | Red Hat Local Security Checks | high |
| 134505 | EulerOS Virtualization for ARM 64 3.0.2.0 : systemd (EulerOS-SA-2020-1216) | Nessus | Huawei Local Security Checks | high |
| 134065 | RHEL 7 : systemd (RHSA-2020:0593) | Nessus | Red Hat Local Security Checks | critical |
| 132460 | NewStart CGSL CORE 5.05 / MAIN 5.05 : systemd Multiple Vulnerabilities (NS-SA-2019-0242) | Nessus | NewStart CGSL Local Security Checks | high |
| 131856 | EulerOS 2.0 SP2 : systemd (EulerOS-SA-2019-2364) | Nessus | Huawei Local Security Checks | high |
| 130694 | EulerOS 2.0 SP5 : systemd (EulerOS-SA-2019-2232) | Nessus | Huawei Local Security Checks | high |
| 130377 | RHEL 7 : systemd (RHSA-2019:3222) | Nessus | Red Hat Local Security Checks | high |
| 129929 | NewStart CGSL CORE 5.04 / MAIN 5.04 : systemd Multiple Vulnerabilities (NS-SA-2019-0196) | Nessus | NewStart CGSL Local Security Checks | high |
| 129191 | EulerOS 2.0 SP3 : systemd (EulerOS-SA-2019-1998) | Nessus | Huawei Local Security Checks | high |
| 128350 | CentOS 7 : systemd (CESA-2019:2091) | Nessus | CentOS Local Security Checks | high |
| 128265 | Scientific Linux Security Update : systemd on SL7.x x86_64 (20190806) | Nessus | Scientific Linux Local Security Checks | high |
| 127669 | RHEL 7 : systemd (RHSA-2019:2091) | Nessus | Red Hat Local Security Checks | high |
| 123371 | openSUSE Security Update : systemd (openSUSE-2019-909) | Nessus | SuSE Local Security Checks | critical |
| 122020 | Photon OS 1.0: Systemd PHSA-2019-1.0-0203 | Nessus | PhotonOS Local Security Checks | critical |
| 121061 | SUSE SLES12 Security Update : systemd (SUSE-SU-2019:0054-1) | Nessus | SuSE Local Security Checks | critical |
| 121060 | SUSE SLES12 Security Update : systemd (SUSE-SU-2019:0053-1) | Nessus | SuSE Local Security Checks | critical |
| 120769 | Fedora 29 : systemd (2018-c402eea18b) | Nessus | Fedora Local Security Checks | critical |
| 120295 | Fedora 28 : systemd (2018-24bd6c9d4a) | Nessus | Fedora Local Security Checks | critical |
| 120157 | SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2018:3644-1) | Nessus | SuSE Local Security Checks | critical |
| 119575 | SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2018:3767-2) | Nessus | SuSE Local Security Checks | critical |
| 119253 | Ubuntu 16.04 LTS : systemd regression (USN-3816-3) | Nessus | Ubuntu Local Security Checks | high |
| 119043 | Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : systemd vulnerability (USN-3816-2) | Nessus | Ubuntu Local Security Checks | high |
| 119039 | Debian DLA-1580-1 : systemd security update | Nessus | Debian Local Security Checks | critical |
| 119028 | openSUSE Security Update : systemd (openSUSE-2018-1423) | Nessus | SuSE Local Security Checks | critical |
| 118965 | SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2018:3767-1) | Nessus | SuSE Local Security Checks | critical |
| 118907 | Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : systemd vulnerabilities (USN-3816-1) | Nessus | Ubuntu Local Security Checks | high |
| 118878 | openSUSE Security Update : systemd (openSUSE-2018-1382) | Nessus | SuSE Local Security Checks | critical |
| 118510 | GLSA-201810-10 : systemd: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |