CVE-2018-15686

HIGH

Description

A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.

References

http://www.securityfocus.com/bid/105747

https://access.redhat.com/errata/RHSA-2019:2091

https://access.redhat.com/errata/RHSA-2019:3222

https://github.com/systemd/systemd/pull/10519

https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html

https://security.gentoo.org/glsa/201810-10

https://usn.ubuntu.com/3816-1/

https://www.exploit-db.com/exploits/45714/

Details

Source: MITRE

Published: 2018-10-26

Updated: 2019-08-06

Type: CWE-502

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Tenable Plugins

View all (29 total)

ID	Name	Product	Family	Severity
135613	EulerOS Virtualization 3.0.2.2 : systemd (EulerOS-SA-2020-1451)	Nessus	Huawei Local Security Checks	critical
135087	RHEL 7 : systemd (RHSA-2020:1264)	Nessus	Red Hat Local Security Checks	critical
134505	EulerOS Virtualization for ARM 64 3.0.2.0 : systemd (EulerOS-SA-2020-1216)	Nessus	Huawei Local Security Checks	critical
134065	RHEL 7 : systemd (RHSA-2020:0593)	Nessus	Red Hat Local Security Checks	critical
132460	NewStart CGSL CORE 5.05 / MAIN 5.05 : systemd Multiple Vulnerabilities (NS-SA-2019-0242)	Nessus	NewStart CGSL Local Security Checks	critical
131856	EulerOS 2.0 SP2 : systemd (EulerOS-SA-2019-2364)	Nessus	Huawei Local Security Checks	critical
130694	EulerOS 2.0 SP5 : systemd (EulerOS-SA-2019-2232)	Nessus	Huawei Local Security Checks	critical
130377	RHEL 7 : systemd (RHSA-2019:3222)	Nessus	Red Hat Local Security Checks	critical
129929	NewStart CGSL CORE 5.04 / MAIN 5.04 : systemd Multiple Vulnerabilities (NS-SA-2019-0196)	Nessus	NewStart CGSL Local Security Checks	critical
129191	EulerOS 2.0 SP3 : systemd (EulerOS-SA-2019-1998)	Nessus	Huawei Local Security Checks	critical
128350	CentOS 7 : systemd (CESA-2019:2091)	Nessus	CentOS Local Security Checks	critical
128265	Scientific Linux Security Update : systemd on SL7.x x86_64 (20190806)	Nessus	Scientific Linux Local Security Checks	critical
127669	RHEL 7 : systemd (RHSA-2019:2091)	Nessus	Red Hat Local Security Checks	critical
123371	openSUSE Security Update : systemd (openSUSE-2019-909)	Nessus	SuSE Local Security Checks	critical
122020	Photon OS 1.0: Systemd PHSA-2019-1.0-0203	Nessus	PhotonOS Local Security Checks	critical
121061	SUSE SLES12 Security Update : systemd (SUSE-SU-2019:0054-1)	Nessus	SuSE Local Security Checks	critical
121060	SUSE SLES12 Security Update : systemd (SUSE-SU-2019:0053-1)	Nessus	SuSE Local Security Checks	critical
120769	Fedora 29 : systemd (2018-c402eea18b)	Nessus	Fedora Local Security Checks	critical
120295	Fedora 28 : systemd (2018-24bd6c9d4a)	Nessus	Fedora Local Security Checks	critical
120157	SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2018:3644-1)	Nessus	SuSE Local Security Checks	critical
119575	SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2018:3767-2)	Nessus	SuSE Local Security Checks	critical
119253	Ubuntu 16.04 LTS : systemd regression (USN-3816-3)	Nessus	Ubuntu Local Security Checks	critical
119043	Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : systemd vulnerability (USN-3816-2)	Nessus	Ubuntu Local Security Checks	critical
119039	Debian DLA-1580-1 : systemd security update	Nessus	Debian Local Security Checks	critical
119028	openSUSE Security Update : systemd (openSUSE-2018-1423)	Nessus	SuSE Local Security Checks	critical
118965	SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2018:3767-1)	Nessus	SuSE Local Security Checks	critical
118907	Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : systemd vulnerabilities (USN-3816-1)	Nessus	Ubuntu Local Security Checks	critical
118878	openSUSE Security Update : systemd (openSUSE-2018-1382)	Nessus	SuSE Local Security Checks	critical
118510	GLSA-201810-10 : systemd: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical