CVE-2016-10156

A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229.
Configurations

Configuration 1 (hide)

cpe:2.3:a:systemd_project:systemd:228:*:*:*:*:*:*:*

History

21 Nov 2024, 02:43

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/95790 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/95790 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1037686 - () http://www.securitytracker.com/id/1037686 -
References () https://bugzilla.suse.com/show_bug.cgi?id=1020601 - Issue Tracking () https://bugzilla.suse.com/show_bug.cgi?id=1020601 - Issue Tracking
References () https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e - Issue Tracking, Patch, Third Party Advisory () https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e - Issue Tracking, Patch, Third Party Advisory
References () https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f - Issue Tracking, Patch, Third Party Advisory () https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f - Issue Tracking, Patch, Third Party Advisory
References () https://www.exploit-db.com/exploits/41171/ - () https://www.exploit-db.com/exploits/41171/ -

Information

Published : 2017-01-23 07:59

Updated : 2024-11-21 02:43


NVD link : CVE-2016-10156

Mitre link : CVE-2016-10156

CVE.ORG link : CVE-2016-10156


JSON object : View

Products Affected

systemd_project

  • systemd
CWE
CWE-264

Permissions, Privileges, and Access Controls