CVE-2019-3844

Published: 26/04/2019 Updated: 07/11/2023
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 470
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

It was discovered that a systemd service that uses the DynamicUser property can gain new privileges through the execution of SUID binaries, which would allow it to create binaries owned by the service's transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID is recycled.

Vulnerable Product

systemd project systemd

canonical ubuntu linux 16.04

canonical ubuntu linux 18.04

canonical ubuntu linux 19.10

netapp solidfire -

netapp hci management node -

netapp snapprotect -

netapp cn1610_firmware -

Vendor Advisories

Debian Bug report logs - #928102 systemd: CVE-2019-3843 CVE-2019-3844 Package: src:systemd; Maintainer for src:systemd is Debian systemd Maintainers <pkg-systemd-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Sun, 28 Apr 2019 07:18:01 UTC Severity: important Tags: se ...
Several security issues were fixed in systemd ...
Synopsis: Moderate: systemd security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for systemd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Sy ...
Synopsis: Moderate: OpenShift Container Platform 4.6.1 image security update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability S ...

Exploits

This bug report describes a bug in systemd that allows a service with DynamicUser in collaboration with another service or user to create a setuid binary that can be used to access its UID beyond the lifetime of the service. This bug probably has relatively low severity, given that there aren't many services yet that use DynamicUser, and the requir ...
This bug report describes a bug in systemd that allows a service with DynamicUser in collaboration with another service or user to create a setuid binary that can be used to access its UID beyond the lifetime of the service. This bug probably has relatively low severity, given that there are not many services yet that use DynamicUser, and the requi ...