CVE-2019-3844
Description
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.157
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| system and service manager (USN-4269-1) systemd_242-7ubuntu3.6_i386.deb | Linux |
| system and service manager (USN-4269-1) systemd_242-7ubuntu3.6_amd64.deb | Linux |
| system and service manager (USN-4269-1) systemd_229-4ubuntu21.27_i386.deb | Linux |
| system and service manager (USN-4269-1) systemd_229-4ubuntu21.27_amd64.deb | Linux |
| system and service manager (USN-4269-1) systemd_237-3ubuntu10.38_i386.deb | Linux |
| system and service manager (USN-4269-1) systemd_237-3ubuntu10.38_amd64.deb | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-239-29.el8.i686.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-container-239-29.el8.i686.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-container-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-debugsource-239-29.el8.i686.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-debugsource-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-devel-239-29.el8.i686.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-devel-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-journal-remote-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-libs-239-29.el8.i686.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-libs-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-pam-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-tests-239-29.el8.x86_64.rpm | Linux |
| (RHSA-2020:1794) systemd security, bug fix, and enhancement update systemd-udev-239-29.el8.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234