Vulnerability Details : CVE-2018-15686
Potential exploit
A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.
Vulnerability category: Gain privilege
Products affected by CVE-2018-15686
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- Oracle » Communications Cloud Native Core Network Function Cloud Native Environment » Version: 1.4.0cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
- cpe:2.3:a:systemd_project:systemd:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-15686
0.49%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 76 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-15686
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
7.0
|
HIGH | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
Canonical Ltd. | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2018-15686
-
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-15686
-
https://usn.ubuntu.com/3816-1/
USN-3816-1: systemd vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E
[GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image - Pony MailMailing List;Third Party Advisory
-
https://www.exploit-db.com/exploits/45714/
systemd - 'reexec' State InjectionExploit;Third Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2019:2091
RHSA-2019:2091 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.securityfocus.com/bid/105747
systemd CVE-2018-15686 Local Privilege Escalation VulnerabilityThird Party Advisory;VDB Entry
-
https://www.oracle.com//security-alerts/cpujul2021.html
Oracle Critical Patch Update Advisory - July 2021Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:3222
RHSA-2019:3222 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://security.gentoo.org/glsa/201810-10
systemd: Multiple vulnerabilities (GLSA 201810-10) — Gentoo securityThird Party Advisory
-
https://github.com/systemd/systemd/pull/10519
pid1 serialization/deserialization fixes by poettering · Pull Request #10519 · systemd/systemd · GitHubPatch;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2018/11/msg00017.html
[SECURITY] [DLA 1580-1] systemd security updateMailing List;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0593
RHSA-2020:0593 - Security Advisory - Red Hat Customer PortalThird Party Advisory
Jump to