[Git][security-tracker-team/security-tracker][master] CVE-2018-16888,systemd: Mark as no-dsa for Jessie.
Markus Koschany
apo at debian.org
Thu Jan 3 22:06:27 GMT 2019
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
02d6b1cb by Markus Koschany at 2019-01-03T22:06:12Z
CVE-2018-16888,systemd: Mark as no-dsa for Jessie.
This is arguably a longstanding bug in the PID file logic and systemd is now
stricter when a PID file is owned by an untrusted user. Since daemons and
services in Debian are not untrusted, you would need some other vulnerability to
exploit it and to be able to write into the PID file. In most circumstances PID
files are writable only by root though.
Given there were a lot of code changes, a backport does not seem to be
proportionate at the moment.
Feedback from other team members or the security team would be appreciated
though.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17482,6 +17482,7 @@ CVE-2018-16889
CVE-2018-16888 [kills privileged process if unprivileged PIDFile was tampered]
RESERVED
- systemd 237-1
+ [jessie] - systemd <no-dsa> (low priority because this is inherently a bug in the PID file logic)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1662867
NOTE: Upstream issue: https://github.com/systemd/systemd/issues/6632
NOTE: Upstream patches: https://github.com/systemd/systemd/pull/7816
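Review bot: The reason given in the added [jessie] line, "low priority because this is inherently a bug in the PID file logic", describes the bug but not why it is low risk. The commit message carries the stronger justification: exploiting it needs a separate flaw that lets an attacker write to the PID file, and the upstream fix involves a lot of code changes to backport. Consider wording the parenthetical along those lines, for example "(needs write access to the service's PID file; invasive backport)". The entry lists 237-1 as the fixed version but annotates only jessie, so it is worth confirming whether any other supported release below that version needs its own line.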
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/02d6b1cb8aa39b675950d91d28c4203114228038