Memory Leak Vulnerability in Systemd Affects Various Linux Distributions
CVE-2019-20386

2.4LOW

Key Information:

Vendor

Systemd Project

Status
Systemd
Vendor
CVE Published:
21 January 2020

What is CVE-2019-20386?

A memory leak vulnerability was identified in the 'button_open' function within 'login/logind-button.c' in systemd prior to version 243. This issue arises when executing the 'udevadm trigger' command, potentially leading to resource exhaustion over time. This can impact system stability and performance, making it essential for users of affected versions to apply necessary updates to mitigate any risks.

References

https://github.com/systemd/systemd/commit/b2774a3ae692113...
x_refsource_MISC
https://security.netapp.com/advisory/ntap-20200210-0002/
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2020...
vendor-advisoryx_refsource_SUSE

CVSS V3.1

Score:
2.4
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.