CVE-2018-16888 vulnerability in FreeDesktop and Other Products
Published on January 14, 2019
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other services and/or privileged processes. Versions before v237 are vulnerable.
Weakness Type
Execution with Unnecessary Privileges
The software performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.
Products Associated with CVE-2018-16888
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-16888 are published in these products:
Affected Versions
The systemd Project systemd Version v237 is affected by CVE-2018-16888Exploit Probability
EPSS
0.16%
Percentile
37.23%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.