Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. (CVE-2018-15686)
Jann Horn discovered a race condition in chown_one(). A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-15687)
It was discovered that systemd-tmpfiles mishandled symlinks in non-terminal path components. A local attacker could potentially exploit this by gaining ownership of certain files to obtain root privileges. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-6954)
{ "binaries": [ { "binary_name": "libnss-myhostname", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "libnss-mymachines", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "libnss-resolve", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "libpam-systemd", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "libsystemd-dev", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "libsystemd0", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "libudev-dev", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "libudev1", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "systemd", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "systemd-container", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "systemd-coredump", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "systemd-journal-remote", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "systemd-sysv", "binary_version": "229-4ubuntu21.8" }, { "binary_name": "udev", "binary_version": "229-4ubuntu21.8" } ], "availability": "No subscription required" }
{ "cves": [ { "id": "CVE-2018-15686", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] }, { "id": "CVE-2018-15687", "severity": [ { "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] } ], "ecosystem": "Ubuntu:16.04:LTS" }
{ "binaries": [ { "binary_name": "libnss-myhostname", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "libnss-mymachines", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "libnss-resolve", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "libnss-systemd", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "libpam-systemd", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "libsystemd-dev", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "libsystemd0", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "libudev-dev", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "libudev1", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "systemd", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "systemd-container", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "systemd-coredump", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "systemd-journal-remote", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "systemd-sysv", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "systemd-tests", "binary_version": "237-3ubuntu10.6" }, { "binary_name": "udev", "binary_version": "237-3ubuntu10.6" } ], "availability": "No subscription required" }
{ "cves": [ { "id": "CVE-2018-15686", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] }, { "id": "CVE-2018-15687", "severity": [ { "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] } ], "ecosystem": "Ubuntu:18.04:LTS" }