Vulnerability Details : CVE-2019-3844
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.
Products affected by CVE-2019-3844
- cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*
- cpe:2.3:a:systemd_project:systemd:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-3844
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-3844
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
4.5
|
MEDIUM | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
1.0
|
3.4
|
Red Hat, Inc. | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2019-3844
-
Two distinct privileges, roles, capabilities, or rights can be combined in a way that allows an entity to perform unsafe actions that would not be allowed without that combination.Assigned by: secalert@redhat.com (Primary)
References for CVE-2019-3844
-
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20190619-0002/
May 2019 Systemd Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
http://www.securityfocus.com/bid/108096
systemd CVE-2019-3844 Local Privilege Escalation VulnerabilityThird Party Advisory;VDB Entry
-
https://usn.ubuntu.com/4269-1/
USN-4269-1: systemd vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3844
1684610 – (CVE-2019-3844) CVE-2019-3844 systemd: services with DynamicUser can get new privileges and create SGID binariesIssue Tracking;Patch;Third Party Advisory
-
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
[GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8 - Pony MailThird Party Advisory
Jump to