freedesktop systemd CVE-2019-3843 vulnerability in FreeDesktop and Other Products
Published on April 26, 2019

product logo product logo product logo product logo product logo
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.

Vendor Advisory Vendor Advisory NVD

Weakness Type

Incorrect Privilege Assignment

A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.


Products Associated with CVE-2019-3843

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-3843 are published in these products:

FreeDesktop Systemd
 
Fedora Project Fedora
 
Canonical Ubuntu Linux
 
NetApp Hci Management Node
 
NetApp Snapprotect
 
NetApp Solidfire
 
Systemdproject Systemd
 

Affected Versions

[freedesktop.org] systemd Version 242 is affected by CVE-2019-3843

Exploit Probability

EPSS
0.13%
Percentile
32.95%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.