Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-15686

A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.

Published

2018-10-26T14:29:00.613

Last Modified

2025-06-09T16:15:28.243

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-502
Type: Secondary
CWE-502

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	canonical	ubuntu_linux	16.04	Yes
Operating System	canonical	ubuntu_linux	18.04	Yes
Operating System	canonical	ubuntu_linux	18.10	Yes
Operating System	debian	debian_linux	8.0	Yes
Application	systemd_project	systemd	≤ 239	Yes
Application	oracle	communications_cloud_native_core_network_function_cloud_native_environment	1.4.0	Yes

References

http://www.securityfocus.com/bid/105747 Third Party Advisory, VDB Entry ([email protected])
https://access.redhat.com/errata/RHSA-2019:2091 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2019:3222 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2020:0593 Third Party Advisory ([email protected])
https://github.com/systemd/systemd/pull/10519 Patch, Third Party Advisory ([email protected])
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E ([email protected])
https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html Mailing List, Third Party Advisory ([email protected])
https://security.gentoo.org/glsa/201810-10 Third Party Advisory ([email protected])
https://usn.ubuntu.com/3816-1/ Third Party Advisory ([email protected])
https://www.exploit-db.com/exploits/45714/ Exploit, Third Party Advisory, VDB Entry ([email protected])
https://www.oracle.com//security-alerts/cpujul2021.html Third Party Advisory ([email protected])
http://www.securityfocus.com/bid/105747 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:2091 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:3222 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2020:0593 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/systemd/systemd/pull/10519 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201810-10 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/3816-1/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/45714/ Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com//security-alerts/cpujul2021.html Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)