CVE-2018-15686

NameCVE-2018-15686
DescriptionA vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1580-1
NVD severityhigh (attack range: remote)
Debian Bugs912005

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
systemd (PTS)jessie215-17+deb8u7vulnerable
jessie (security)215-17+deb8u11fixed
stretch232-25+deb9u8vulnerable
stretch (security)232-25+deb9u9vulnerable
buster241-1fixed
sid241-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
systemdsource(unstable)239-12high912005
systemdsourcejessie215-17+deb8u8highDLA-1580-1

Notes

[stretch] - systemd <no-dsa> (Minor issue)
https://bugs.chromium.org/p/project-zero/issues/detail?id=1687
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796402
https://github.com/systemd/systemd/pull/10519
https://github.com/systemd/systemd/commit/9f1c81d80a435d15ca1bd536a6d043c18c81c047

Search for package or bug name: Reporting problems