Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. (CVE-2018-15686)
Jann Horn discovered a race condition in chown_one(). A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-15687)
It was discovered that systemd-tmpfiles mishandled symlinks in non-terminal path components. A local attacker could potentially exploit this by gaining ownership of certain files to obtain root privileges. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-6954)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "229-4ubuntu21.8", "binary_name": "libnss-myhostname" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "libnss-mymachines" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "libnss-resolve" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "libpam-systemd" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "libsystemd-dev" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "libsystemd0" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "libudev-dev" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "libudev1" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "systemd" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "systemd-container" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "systemd-coredump" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "systemd-journal-remote" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "systemd-sysv" }, { "binary_version": "229-4ubuntu21.8", "binary_name": "udev" } ] }
{ "ecosystem": "Ubuntu:16.04:LTS", "cves": [ { "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ], "id": "CVE-2018-15686" }, { "severity": [ { "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ], "id": "CVE-2018-15687" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "237-3ubuntu10.6", "binary_name": "libnss-myhostname" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "libnss-mymachines" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "libnss-resolve" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "libnss-systemd" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "libpam-systemd" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "libsystemd-dev" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "libsystemd0" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "libudev-dev" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "libudev1" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "systemd" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "systemd-container" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "systemd-coredump" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "systemd-journal-remote" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "systemd-sysv" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "systemd-tests" }, { "binary_version": "237-3ubuntu10.6", "binary_name": "udev" } ] }
{ "ecosystem": "Ubuntu:18.04:LTS", "cves": [ { "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ], "id": "CVE-2018-15686" }, { "severity": [ { "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ], "id": "CVE-2018-15687" } ] }