CVE-2017-1000082
Published: 7 July 2017
systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended.
Notes
| Author | Note |
|---|---|
| mdeslaur | the upstream patch changes behaviour to cause a unit to fail to load if a configuration item could not be parsed, instead of skipping it. Fixing this may cause regressions in certain environments. We will not be fixing this issue in xenial. Administrators are encouraged to carefully audit their unit files and make sure the options are being parsed correctly. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
systemd Launchpad, Ubuntu, Debian |
artful |
Not vulnerable
(234-2ubuntu12.1)
|
| trusty |
Not vulnerable
(code not present)
|
|
| upstream |
Released
(234-1)
|
|
| xenial |
Ignored
|
|
| yakkety |
Ignored
(end of life)
|
|
| zesty |
Ignored
(end of life)
|
|
|
Patches: upstream: https://github.com/systemd/systemd/commit/bb28e68477a3a39796e4999a6cbc6ac6345a9159 |
||
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 9.8 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |