CVE-2018-15686

NameCVE-2018-15686
DescriptionA vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-1580-1
Debian Bugs912005

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
systemd (PTS)bullseye247.3-7+deb11u5fixed
bullseye (security)247.3-7+deb11u6fixed
bookworm252.33-1~deb12u1fixed
sid, trixie257.2-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
systemdsourcejessie215-17+deb8u8DLA-1580-1
systemdsourcestretch232-25+deb9u10
systemdsource(unstable)239-12912005

Notes

https://bugs.chromium.org/p/project-zero/issues/detail?id=1687
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796402
https://github.com/systemd/systemd/pull/10519
https://github.com/systemd/systemd/commit/9f1c81d80a435d15ca1bd536a6d043c18c81c047
Search for package or bug name: Reporting problems