UBUNTU-CVE-2018-15686

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2018-15686
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-15686.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2018-15686
Upstream
Downstream
Related
Published
2018-10-26T00:00:00Z
Modified
2025-09-08T16:44:59Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • 7.0 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.

References

Affected packages

Ubuntu:16.04:LTS / systemd

Package

Name
systemd
Purl
pkg:deb/ubuntu/systemd@229-4ubuntu21.8?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
229-4ubuntu21.8

Affected versions

Other

225-1ubuntu9
227-2ubuntu1
227-2ubuntu2
228-1ubuntu2
228-2ubuntu1
228-2ubuntu2
228-3ubuntu1
228-4ubuntu1
228-4ubuntu2
228-5ubuntu1
228-5ubuntu2
228-5ubuntu3
228-6ubuntu1
229-1ubuntu2
229-1ubuntu4
229-2ubuntu1
229-3ubuntu1
229-3ubuntu2
229-4ubuntu1
229-4ubuntu4
229-4ubuntu5
229-4ubuntu6
229-4ubuntu7
229-4ubuntu8
229-4ubuntu10
229-4ubuntu11
229-4ubuntu12
229-4ubuntu13
229-4ubuntu16
229-4ubuntu17
229-4ubuntu19
229-4ubuntu20
229-4ubuntu21

229-4ubuntu21.*

229-4ubuntu21.1
229-4ubuntu21.2
229-4ubuntu21.3
229-4ubuntu21.4
229-4ubuntu21.5
229-4ubuntu21.6

Ecosystem specific 

{
    "binaries": [
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "libnss-myhostname"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "libnss-mymachines"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "libnss-resolve"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "libpam-systemd"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "libsystemd-dev"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "libsystemd0"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "libudev-dev"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "libudev1"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "systemd"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "systemd-container"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "systemd-coredump"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "systemd-journal-remote"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "systemd-sysv"
        },
        {
            "binary_version": "229-4ubuntu21.8",
            "binary_name": "udev"
        }
    ],
    "availability": "No subscription required"
}

Ubuntu:18.04:LTS / systemd

Package

Name
systemd
Purl
pkg:deb/ubuntu/systemd@237-3ubuntu10.6?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
237-3ubuntu10.6

Affected versions

Other

234-2ubuntu12
235-2ubuntu3
235-3ubuntu2
235-3ubuntu3
237-3ubuntu3
237-3ubuntu4
237-3ubuntu6
237-3ubuntu7
237-3ubuntu8
237-3ubuntu10

237-3ubuntu10.*

237-3ubuntu10.2
237-3ubuntu10.3
237-3ubuntu10.4

Ecosystem specific 

{
    "binaries": [
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "libnss-myhostname"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "libnss-mymachines"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "libnss-resolve"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "libnss-systemd"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "libpam-systemd"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "libsystemd-dev"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "libsystemd0"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "libudev-dev"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "libudev1"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "systemd"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "systemd-container"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "systemd-coredump"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "systemd-journal-remote"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "systemd-sysv"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "systemd-tests"
        },
        {
            "binary_version": "237-3ubuntu10.6",
            "binary_name": "udev"
        }
    ],
    "availability": "No subscription required"
}