CVE-2019-3843
Description
It was discovered that a systemd service that uses the DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID is recycled.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.126
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| system and service manager (USN-4269-1) systemd_242-7ubuntu3.6_i386.deb | Linux |
| system and service manager (USN-4269-1) systemd_242-7ubuntu3.6_amd64.deb | Linux |
| system and service manager (USN-4269-1) systemd_229-4ubuntu21.27_i386.deb | Linux |
| system and service manager (USN-4269-1) systemd_229-4ubuntu21.27_amd64.deb | Linux |
| system and service manager (USN-4269-1) systemd_237-3ubuntu10.38_i386.deb | Linux |
| system and service manager (USN-4269-1) systemd_237-3ubuntu10.38_amd64.deb | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-239-29.el8.i686.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-container-239-29.el8.i686.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-container-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-debugsource-239-29.el8.i686.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-debugsource-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-devel-239-29.el8.i686.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-devel-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-journal-remote-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-libs-239-29.el8.i686.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-libs-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-pam-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-tests-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-udev-239-29.el8.x86_64.rpm | Linux |
Patch Details
No records found
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234