Bug#912005: systemd: CVE-2018-15686: reexec state injection: fgets() on overlong lines leads to line splitting
Salvatore Bonaccorso
carnil at debian.org
Sat Oct 27 08:37:58 BST 2018
Source: systemd
Version: 239-10
Severity: important
Tags: security upstream
Forwarded: https://github.com/systemd/systemd/pull/10519
Hi,
The following vulnerability was published for systemd.
CVE-2018-15686[0]:
| A vulnerability in unit_deserialize of systemd allows an attacker to
| supply arbitrary state across systemd re-execution via NotifyAccess.
| This can be used to improperly influence systemd execution and
| possibly lead to root privilege escalation. Affected releases are
| systemd versions up to and including 239.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2018-15686
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15686
[1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1687
[2] https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796402
[3] https://github.com/systemd/systemd/pull/10519
Please adjust the affected versions in the BTS as needed, the version
in stretch might as well be affected.
Regards,
Salvatore
More information about the Pkg-systemd-maintainers
mailing list