Environment Variable Misconfiguration in systemd Affects Linux Distributions
CVE-2019-3842

4.5MEDIUM

Key Information:

Vendor

The Systemd Project

Status
Systemd
Vendor
CVE Published:
9 April 2019

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC

What is CVE-2019-3842?

A flaw was identified in systemd prior to version 242-rc4 where pam_systemd fails to adequately sanitize the environment before processing the XDG_SEAT variable. In certain configurations, this vulnerability could enable an attacker to manipulate the XDG_SEAT environment variable, potentially facilitating unauthorized command checks against polkit policies with elevated privileges. This misconfiguration heightens the risk of security breaches, allowing for exploitable scenarios in environments utilizing systemd.

Affected Version(s)

systemd v242-rc4

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2019-3842 - Proof of Concept

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3842
x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA
https://www.exploit-db.com/exploits/46743/
exploitx_refsource_EXPLOIT-DB

CVSS V3.1

Score:
4.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

CVSS V3.0

Score:
4.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.