CVE-2019-6454

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).

References

https://www.debian.org/security/2019/dsa-4393

https://usn.ubuntu.com/3891-1/

https://lists.fedoraproject.org/archives/list/[email protected]/message/N67IOBOTDOMVNQJ5QRU2MXLEECXPGNVJ/

https://lists.debian.org/debian-lts-announce/2019/02/msg00031.html

https://github.com/systemd/systemd/commits/master/src/libsystemd/sd-bus/bus-objects.c

https://access.redhat.com/errata/RHSA-2019:0368

http://www.securityfocus.com/bid/107081

http://www.openwall.com/lists/oss-security/2019/02/19/1

http://www.openwall.com/lists/oss-security/2019/02/18/3

http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00070.html

https://security.netapp.com/advisory/ntap-20190327-0004/

https://kc.mcafee.com/corporate/index?page=content&id=SB10278

https://access.redhat.com/errata/RHSA-2019:0990

http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00062.html

https://access.redhat.com/errata/RHSA-2019:1322

https://access.redhat.com/errata/RHSA-2019:1502

https://access.redhat.com/errata/RHSA-2019:2805

Details

Source: MITRE

Published: 2019-03-21

Updated: 2021-07-20

Type: CWE-119

Risk Information

CVSS v2

Base Score: 4.9

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Impact Score: 6.9

Exploitability Score: 3.9

Severity: MEDIUM

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.8

Severity: MEDIUM

Tenable Plugins

View all (38 total)

IDNameProductFamilySeverity
149869Amazon Linux 2 : systemd (ALAS-2021-1643) (deprecated)NessusAmazon Linux Local Security Checks
critical
145673CentOS 8 : systemd (CESA-2019:0990)NessusCentOS Local Security Checks
medium
129039RHEL 7 : systemd (RHSA-2019:2805)NessusRed Hat Local Security Checks
medium
128160Photon OS 3.0: Systemd PHSA-2019-3.0-0024NessusPhotonOS Local Security Checks
high
127575Oracle Linux 8 : systemd (ELSA-2019-0990)NessusOracle Linux Local Security Checks
medium
127248NewStart CGSL CORE 5.04 / MAIN 5.04 : systemd Multiple Vulnerabilities (NS-SA-2019-0057)NessusNewStart CGSL Local Security Checks
medium
126736SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:1364-2)NessusSuSE Local Security Checks
high
126025RHEL 7 : systemd (RHSA-2019:1502)NessusRed Hat Local Security Checks
medium
125712RHEL 7 : systemd (RHSA-2019:1322)NessusRed Hat Local Security Checks
medium
125537SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:1364-1)NessusSuSE Local Security Checks
high
125453openSUSE Security Update : systemd (openSUSE-2019-1450)NessusSuSE Local Security Checks
high
125244SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2019:1265-1)NessusSuSE Local Security Checks
high
124915EulerOS Virtualization for ARM 64 3.0.1.0 : systemd (EulerOS-SA-2019-1412)NessusHuawei Local Security Checks
critical
124672RHEL 8 : systemd (RHSA-2019:0990)NessusRed Hat Local Security Checks
medium
123882EulerOS Virtualization 2.5.4 : systemd (EulerOS-SA-2019-1196)NessusHuawei Local Security Checks
medium
123724EulerOS Virtualization 2.5.3 : systemd (EulerOS-SA-2019-1256)NessusHuawei Local Security Checks
medium
123627EulerOS 2.0 SP5 : systemd (EulerOS-SA-2019-1153)NessusHuawei Local Security Checks
medium
123602EulerOS 2.0 SP2 : systemd (EulerOS-SA-2019-1128)NessusHuawei Local Security Checks
medium
123120EulerOS 2.0 SP3 : systemd (EulerOS-SA-2019-1107)NessusHuawei Local Security Checks
critical
122739RHEL 7 : Virtualization Manager (RHSA-2019:0461)NessusRed Hat Local Security Checks
medium
122737RHEL 7 : Virtualization Manager (RHSA-2019:0457)NessusRed Hat Local Security Checks
medium
122735GLSA-201903-07 : systemd: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
122725Fedora 28 : systemd (2019-2dab60e288)NessusFedora Local Security Checks
medium
122529openSUSE Security Update : systemd (openSUSE-2019-268)NessusSuSE Local Security Checks
medium
122496openSUSE Security Update : systemd (openSUSE-2019-255)NessusSuSE Local Security Checks
medium
122392Scientific Linux Security Update : systemd on SL7.x x86_64 (20190221)NessusScientific Linux Local Security Checks
medium
122371Fedora 29 : systemd (2019-8434288a24)NessusFedora Local Security Checks
medium
122350CentOS 7 : systemd (CESA-2019:0368)NessusCentOS Local Security Checks
medium
122340SUSE SLED12 / SLES12 Security Update : systemd (SUSE-SU-2019:0428-1)NessusSuSE Local Security Checks
medium
122334RHEL 7 : systemd (RHSA-2019:0368)NessusRed Hat Local Security Checks
medium
122325Oracle Linux 7 : systemd (ELSA-2019-0368)NessusOracle Linux Local Security Checks
medium
122319Debian DLA-1684-1 : systemd security updateNessusDebian Local Security Checks
medium
122314Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : systemd vulnerability (USN-3891-1)NessusUbuntu Local Security Checks
medium
122312SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:0426-1)NessusSuSE Local Security Checks
medium
122311SUSE SLES12 Security Update : systemd (SUSE-SU-2019:0425-1)NessusSuSE Local Security Checks
medium
122310SUSE SLES12 Security Update : systemd (SUSE-SU-2019:0424-1)NessusSuSE Local Security Checks
medium
122270Debian DSA-4393-1 : systemd - security updateNessusDebian Local Security Checks
medium
122261Amazon Linux 2 : systemd (ALAS-2019-1164)NessusAmazon Linux Local Security Checks
medium