CVE-2019-9619

NameCVE-2019-9619
Descriptionnot enabled pam_systemd for non-interactive sessions
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
systemd (PTS)jessie215-17+deb8u7vulnerable
jessie (security)215-17+deb8u13vulnerable
stretch (security), stretch232-25+deb9u11vulnerable
buster241-5vulnerable
bullseye, sid241-7vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
systemdsource(unstable)(unfixed)

Notes

[buster] - systemd <ignored> (Too intrusive change for a stable release)
[stretch] - systemd <ignored> (Too intrusive change for a stable release)
[jessie] - systemd <ignored> (Too intrusive change for a stable release)
https://bugs.launchpad.net/bugs/1812316
https://bugs.chromium.org/p/project-zero/issues/detail?id=1756
For a stable release, activating pam_systemd for non-interactive sessions will
likely have all sorts of unexpected/unwanted side-effects.

Search for package or bug name: Reporting problems