4.9
CVSSv2

CVE-2019-6454

Published: 21/03/2019 Updated: 20/07/2021
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 437
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

An issue exists in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

freedesktop systemd 239

opensuse leap 15.0

netapp active iq performance analytics services -

debian debian linux 8.0

debian debian linux 9.0

fedoraproject fedora 29

canonical ubuntu linux 18.04

canonical ubuntu linux 18.10

canonical ubuntu linux 16.04

redhat enterprise linux server aus 7.6

redhat enterprise linux server eus 7.6

redhat enterprise linux server tus 7.6

redhat enterprise linux server 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux desktop 7.0

Vendor Advisories

Synopsis Important: systemd security update Type/Severity Security Advisory: Important Topic An update for systemd is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis Important: systemd security and bug fix update Type/Severity Security Advisory: Important Topic An update for systemd is now available for Red Hat Enterprise Linux 75 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabi ...
Synopsis Moderate: systemd security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for systemd is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ba ...
Synopsis Important: systemd security update Type/Severity Security Advisory: Important Topic An update for systemd is now available for Red Hat Enterprise Linux 73 Advanced Update Support, Red Hat Enterprise Linux 73 Telco Extended Update Support, and Red Hat Enterprise Linux 73 Update Services for SAP S ...
Synopsis Moderate: rhvm-appliance security update Type/Severity Security Advisory: Moderate Topic An update for rhvm-appliance is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnera ...
Synopsis Important: systemd security and bug fix update Type/Severity Security Advisory: Important Topic An update for systemd is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabi ...
systemd could be made to crash if it received specially a crafted D-Bus message ...
Synopsis Important: redhat-virtualization-host security update Type/Severity Security Advisory: Important Topic An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of ...
Chris Coulson discovered a flaw in systemd leading to denial of service An unprivileged user could take advantage of this issue to crash PID1 by sending a specially crafted D-Bus message on the system bus For the stable distribution (stretch), this problem has been fixed in version 232-25+deb9u9 We recommend that you upgrade your systemd package ...
Arch Linux Security Advisory ASA-201902-24 ========================================== Severity: High Date : 2019-02-21 CVE-ID : CVE-2019-6454 Package : systemd Type : denial of service Remote : No Link : securityarchlinuxorg/AVG-906 Summary ======= The package systemd before version 2417-1 is vulnerable to denial of service ...
It was found that bus_process_object() in bus-objectsc allocates a buffer on the stack large enough to temporarily store the object path specified in the incoming message A malicious unprivileged local user to send a message which results in the stack pointer moving outside of the bounds of the currently mapped stack region, jumping over the stac ...
systemd is used by Power Hardware Management Console (HMC) HMC has addressed the applicable CVE ...
A denial of service attack was discovered in Systemd which is included with IBM MQ CloudPaks ...
It was found that bus_process_object() in bus-objectsc allocates a buffer on the stack large enough to temporarily store the object path specified in the incoming message A malicious unprivileged local user to send a message which results in the stack pointer moving outside of the bounds of the currently mapped stack region, jumping over the stac ...
PowerKVM is affected by vulnerabilities in systemd IBM has now addressed these vulnerabilities ...
Synopsis Moderate: OpenShift Container Platform 461 image security update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat OpenShift Container Platform 46Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability S ...
IBM Security Privileged Identity Manager has addressed the following security vulnerabilities ...

Mailing Lists

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4393-1 security () debian org wwwdebianorg/security/ Salvatore Bonaccorso February 18, 2019 wwwdebianorg/security/faq ...
Qualys Security Advisory CVE-2021-33910: Denial of service (stack exhaustion) in systemd (PID 1) ======================================================================== Contents ======================================================================== Summary Analysis Proof of concept Acknowledgments Timeline ================================= ...

Github Repositories

Completion for lacework This script is to be use with zsh and can be use with Oh My Zsh framework to get lacework command completion Oh My Zsh is a delightful, open source, community-driven framework for managing your Zsh configuration that you can get from ohmyzsh/ You also need to have jq installed: githubcom/stedolan/jq/wiki/Installation Instalation To use

Security scanning as part of a CI/CD pipeline Initial tip #1: Make your life easier by using Docker multi-stage builds This makes it easy to create readable Dockerfile that result in small images Initial tip #2: Use BuildKit Enable it locally and on your build server! The guide can be found here Builds in parallel Builds only required stages, as opposed to simply buildin