CVE-2018-15686
Description
A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.533
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| system and service manager (USN-3816-1) systemd_239-7ubuntu10.3_amd64.deb | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsystemd0-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsystemd0-32bit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsystemd0-debuginfo-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) libsystemd0-debuginfo-32bit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) libudev1-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) libudev1-32bit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) libudev1-debuginfo-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) libudev1-debuginfo-32bit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) systemd-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) systemd-32bit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) systemd-bash-completion-228-150.53.3.noarch.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) systemd-debuginfo-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) systemd-debuginfo-32bit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) systemd-debugsource-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) systemd-sysvinit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) udev-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-1(SUSE Linux Enterprise Desktop 12-SP3 ) udev-debuginfo-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) libsystemd0-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) libsystemd0-32bit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) libsystemd0-debuginfo-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) libsystemd0-debuginfo-32bit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) libudev1-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) libudev1-32bit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) libudev1-debuginfo-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) libudev1-debuginfo-32bit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) systemd-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) systemd-32bit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) systemd-bash-completion-228-150.53.3.noarch.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) systemd-debuginfo-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) systemd-debuginfo-32bit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) systemd-debugsource-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) systemd-sysvinit-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) udev-228-150.53.3.x86_64.rpm | Linux |
| SUSE-SU-2018:3767-2(SUSE Linux Enterprise Desktop 12-SP4 ) udev-debuginfo-228-150.53.3.x86_64.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update libgudev1-219-67.el7.i686.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update libgudev1-219-67.el7.x86_64.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update libgudev1-devel-219-67.el7.i686.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update libgudev1-devel-219-67.el7.x86_64.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update systemd-219-67.el7.x86_64.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update systemd-devel-219-67.el7.i686.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update systemd-devel-219-67.el7.x86_64.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update systemd-journal-gateway-219-67.el7.x86_64.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update systemd-libs-219-67.el7.i686.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update systemd-libs-219-67.el7.x86_64.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update systemd-networkd-219-67.el7.x86_64.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update systemd-python-219-67.el7.x86_64.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update systemd-resolved-219-67.el7.i686.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update systemd-resolved-219-67.el7.x86_64.rpm | Linux |
| (RHSA-2019:2091) systemd security, bug fix, and enhancement update systemd-sysv-219-67.el7.x86_64.rpm | Linux |
| Systemd update (ELSA-2020-0575) systemd-239-18.0.2.el8_1.4.x86_64.rpm | Linux |
| Systemd-container update (ELSA-2020-0575) systemd-container-239-18.0.2.el8_1.4.x86_64.rpm | Linux |
| Systemd-devel update (ELSA-2020-0575) systemd-devel-239-18.0.2.el8_1.4.x86_64.rpm | Linux |
| Systemd-journal-remote update (ELSA-2020-0575) systemd-journal-remote-239-18.0.2.el8_1.4.x86_64.rpm | Linux |
| Systemd-libs update (ELSA-2020-0575) systemd-libs-239-18.0.2.el8_1.4.x86_64.rpm | Linux |
| Systemd-pam update (ELSA-2020-0575) systemd-pam-239-18.0.2.el8_1.4.x86_64.rpm | Linux |
| Systemd-tests update (ELSA-2020-0575) systemd-tests-239-18.0.2.el8_1.4.x86_64.rpm | Linux |
| Systemd-udev update (ELSA-2020-0575) systemd-udev-239-18.0.2.el8_1.4.x86_64.rpm | Linux |
| Systemd update (ELSA-2020-0575) systemd-239-18.0.2.el8_1.4.i686.rpm | Linux |
| Systemd-container update (ELSA-2020-0575) systemd-container-239-18.0.2.el8_1.4.i686.rpm | Linux |
| Systemd-devel update (ELSA-2020-0575) systemd-devel-239-18.0.2.el8_1.4.i686.rpm | Linux |
| Systemd-libs update (ELSA-2020-0575) systemd-libs-239-18.0.2.el8_1.4.i686.rpm | Linux |
| Deserialization of Untrusted Data Vulnerability (CVE-2018-15686) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234