CVE-2016-10156

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-10156
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10156.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-10156
Downstream
Related
Published
2017-01-23T07:59:00.347Z
Modified
2026-04-24T09:24:56.635599Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229.

References

Affected packages

Git / github.com/systemd/systemd

Affected ranges

Type
GIT
Repo
https://github.com/systemd/systemd
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
06eeacb6fe029804f296b065b3ce91e796e1cd0e
Fixed
ee735086f8670be1591fa9593e80dd60163a7a2f
Database specific 
{
    "source": "REFERENCES"
}

Affected versions

Other
v1
v10
v11
v12
v13
v14
v15
v16
v17
v18
v183
v184
v185
v186
v187
v188
v189
v19
v190
v191
v192
v193
v194
v195
v196
v197
v198
v199
v2
v20
v200
v201
v202
v203
v204
v205
v206
v207
v208
v209
v21
v210
v211
v212
v213
v214
v215
v216
v217
v218
v219
v22
v220
v221
v222
v223
v224
v225
v226
v227
v228
v23
v24
v25
v26
v27
v28
v29
v3
v30
v31
v32
v33
v34
v35
v36
v37
v38
v39
v4
v40
v41
v42
v43
v44
v5
v6
v7
v8
v9

Database specific

vanir_signatures_modified 
"2026-04-24T09:24:56Z"
vanir_signatures 
[
    {
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2016-10156-14049a83",
        "source": "https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "143490046643793043951247385066281749424",
                "122935519918159594852004239146072093699",
                "54395448293350274193157192029626465405",
                "319258269167257065855528611741500025477",
                "14136216880443083922228792084368357903",
                "308585633961784689412430179420870598457",
                "128309604439848126161042702311541266943",
                "151843754083868116041010403313887337385"
            ]
        },
        "target": {
            "file": "src/test/test-conf-files.c"
        }
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2016-10156-4267b89a",
        "source": "https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "884391527119032421930507393033943967",
                "71444658684207020711684283464577893821",
                "129040058516969266729007866096539935790",
                "171985266963045669393736977086235467711",
                "167028769458000049328164706596134535271",
                "325425461498447324481272706372516446726",
                "73487370959010915169797254673591995470",
                "166827898435921037420828712229566259421"
            ]
        },
        "target": {
            "file": "src/core/timer.c"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2016-10156-50486a66",
        "source": "https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f",
        "digest": {
            "length": 765.0,
            "function_hash": "16651552642822266066331222789744711377"
        },
        "target": {
            "file": "src/basic/fs-util.c",
            "function": "touch_file"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2016-10156-743c9fdd",
        "source": "https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f",
        "digest": {
            "length": 126.0,
            "function_hash": "202510193103278909526249463735252315663"
        },
        "target": {
            "file": "src/basic/fs-util.c",
            "function": "touch"
        }
    },
    {
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2016-10156-a191707d",
        "source": "https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "97400082154898398970675292924757582953",
                "110083905208857346320650848691103642371",
                "307475506367816187332214095585553537513",
                "135927274798206812626501416543824620549",
                "3601903755967494894851062893010901710",
                "220389832517227226628827653175591840104",
                "13230225266436895651077031958836395872",
                "150678483076905833111675878602351293786"
            ]
        },
        "target": {
            "file": "src/basic/fs-util.c"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2016-10156-a8fd9cc9",
        "source": "https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f",
        "digest": {
            "length": 375.0,
            "function_hash": "5821552094425570502963670811945135628"
        },
        "target": {
            "file": "src/test/test-conf-files.c",
            "function": "setup_test_dir"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2016-10156-b754c4cb",
        "source": "https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f",
        "digest": {
            "length": 693.0,
            "function_hash": "5027209638548168649191285761072337226"
        },
        "target": {
            "file": "src/core/timer.c",
            "function": "timer_enter_running"
        }
    },
    {
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2016-10156-b9e14642",
        "source": "https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f",
        "digest": {
            "length": 749.0,
            "function_hash": "296421973068010747095949689944144467270"
        },
        "target": {
            "file": "src/core/timer.c",
            "function": "timer_start"
        }
    }
]
source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10156.json"

Git / github.com/systemd/systemd-stable

Affected ranges

Type
GIT
Repo
https://github.com/systemd/systemd-stable
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
dd050decb6ad131ebdeabb71c4f9ecb4733269c0
Database specific 
{
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "228"
        }
    ],
    "cpe": "cpe:2.3:a:systemd_project:systemd:228:*:*:*:*:*:*:*"
}

Affected versions

Other
systemd-v1
systemd-v10
systemd-v11
systemd-v12
systemd-v13
systemd-v14
systemd-v15
systemd-v16
systemd-v17
systemd-v18
systemd-v183
systemd-v184
systemd-v185
systemd-v186
systemd-v187
systemd-v188
systemd-v189
systemd-v19
systemd-v190
systemd-v191
systemd-v192
systemd-v193
systemd-v194
systemd-v195
systemd-v196
systemd-v2
systemd-v20
systemd-v21
systemd-v22
systemd-v23
systemd-v24
systemd-v25
systemd-v26
systemd-v27
systemd-v28
systemd-v29
systemd-v3
systemd-v30
systemd-v31
systemd-v32
systemd-v33
systemd-v34
systemd-v35
systemd-v36
systemd-v37
systemd-v38
systemd-v39
systemd-v4
systemd-v40
systemd-v41
systemd-v42
systemd-v43
systemd-v44
systemd-v5
systemd-v6
systemd-v7
systemd-v8
systemd-v9
v1
v10
v11
v12
v13
v14
v15
v16
v17
v18
v183
v184
v185
v186
v187
v188
v189
v19
v190
v191
v192
v193
v194
v195
v196
v197
v198
v199
v2
v20
v200
v201
v202
v203
v204
v205
v206
v207
v208
v209
v21
v210
v211
v212
v213
v214
v215
v216
v217
v218
v219
v22
v220
v221
v222
v223
v224
v225
v226
v227
v228
v23
v24
v25
v26
v27
v28
v29
v3
v30
v31
v32
v33
v34
v35
v36
v37
v38
v39
v4
v40
v41
v42
v43
v44
v5
v6
v7
v8
v9

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10156.json"