CVE-2018-6954

Related Files

Ubuntu Security Notice USN-3816-3

Posted Nov 28, 2018

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3816-3 - USN-3816-1 fixed vulnerabilities in systemd. The fix for CVE-2018-6954 caused a regression in systemd-tmpfiles when running Ubuntu inside a container on some older kernels. This issue only affected Ubuntu 16.04 LTS. In order to continue to support this configuration, the fixes for CVE-2018-6954 have been reverted. Various other issues were also addressed.

tags | advisory, kernel, vulnerability

systems | linux, ubuntu

advisories | CVE-2018-15686, CVE-2018-15687, CVE-2018-6954

SHA-256 | cb9b05c78f4e62578d79c6d74bb3b6230e89ffde7e11bd266932cddb628c5b23

Download | Favorite | View

Ubuntu Security Notice USN-3816-2

Posted Nov 20, 2018

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3816-2 - USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. Jann Horn discovered a race condition in chown_one. A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. It was discovered that systemd-tmpfiles mishandled symlinks in non-terminal path components. A local attacker could potentially exploit this by gaining ownership of certain files to obtain root privileges. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, arbitrary, local, root, vulnerability

systems | linux, ubuntu

advisories | CVE-2018-15686, CVE-2018-15687, CVE-2018-6954

SHA-256 | eb71de28a7d0a6a7812f411191e7266a1699b349c54bd396dd6e5120e7f392c4

Download | Favorite | View

Ubuntu Security Notice USN-3816-1

Posted Nov 13, 2018

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3816-1 - Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. Jann Horn discovered a race condition in chown_one. A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. Various other issues were also addressed.

tags | advisory, arbitrary, local, root

systems | linux, ubuntu

advisories | CVE-2018-15686, CVE-2018-15687, CVE-2018-6954

SHA-256 | abc96db7edf9cdd68a2e5665d1928fcdcdbbb4e4a2f6079a5b3fe6b7f2ebcaf4

Download | Favorite | View