Privilege Chaining Affecting systemd/systemd package, versions [,242)


Severity

Recommended
0.0
high
0
10

CVSS assessment made by Snyk's Security Team. Learn more

Threat Intelligence

EPSS
0.04% (13th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-UNMANAGED-SYSTEMDSYSTEMD-2365483
  • published26 Jan 2022
  • disclosed26 Apr 2019
  • creditUnknown

Introduced: 26 Apr 2019

CVE-2019-3844  (opens in a new tab)
CWE-268  (opens in a new tab)

How to fix?

Upgrade systemd/systemd to version 242 or higher.

Overview

Affected versions of this package are vulnerable to Privilege Chaining. It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.

CVSS Scores

version 3.1