Local User Privilege Escalation in systemd DynamicUser Service by Red Hat
CVE-2019-3843

4.5MEDIUM

Key Information:

Vendor

[freedesktop.org]

Status
Systemd
Vendor
CVE Published:
26 April 2019

What is CVE-2019-3843?

A flaw was identified in the way systemd handles services utilizing the DynamicUser property. When a service is terminated, it may create a SUID/SGID binary that continues to run under a transient user ID or group ID, which could be reused by other processes in the future. A local attacker can exploit this issue to access resources that may belong to different services, leading to potential unauthorized access and manipulation of sensitive data.

Affected Version(s)

systemd 242

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843
x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA
http://www.securityfocus.com/bid/108116
vdb-entryx_refsource_BID

CVSS V3.1

Score:
4.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

CVSS V3.0

Score:
4.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.