CVE-2018-15686

NameCVE-2018-15686
DescriptionA vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1580-1
NVD severityhigh (attack range: remote)
Debian Bugs912005

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
systemd (PTS)jessie215-17+deb8u7vulnerable
jessie (security)215-17+deb8u13fixed
stretch, stretch (security)232-25+deb9u11fixed
buster, sid241-5fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
systemdsource(unstable)239-12high912005
systemdsourcejessie215-17+deb8u8highDLA-1580-1
systemdsourcestretch232-25+deb9u10high

Notes

https://bugs.chromium.org/p/project-zero/issues/detail?id=1687
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796402
https://github.com/systemd/systemd/pull/10519
https://github.com/systemd/systemd/commit/9f1c81d80a435d15ca1bd536a6d043c18c81c047

Search for package or bug name: Reporting problems