CVE-2018-16888

It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other services and/or privileged processes. Versions before v237 are vulnerable.
Configurations

Configuration 1 (hide)

cpe:2.3:a:systemd_project:systemd:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:53

Type Values Removed Values Added
References () https://access.redhat.com/errata/RHSA-2019:2091 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2019:2091 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16888 - Issue Tracking, Patch, Third Party Advisory () https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16888 - Issue Tracking, Patch, Third Party Advisory
References () https://lists.apache.org/thread.html/5960a34a524848cd722fd7ab7e2227eac10107b0f90d9d1e9c3caa74%40%3Cuser.cassandra.apache.org%3E - () https://lists.apache.org/thread.html/5960a34a524848cd722fd7ab7e2227eac10107b0f90d9d1e9c3caa74%40%3Cuser.cassandra.apache.org%3E -
References () https://security.netapp.com/advisory/ntap-20190307-0007/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20190307-0007/ - Third Party Advisory
References () https://usn.ubuntu.com/4269-1/ - Third Party Advisory () https://usn.ubuntu.com/4269-1/ - Third Party Advisory

07 Nov 2023, 02:53

Type Values Removed Values Added
References
  • {'url': 'https://lists.apache.org/thread.html/5960a34a524848cd722fd7ab7e2227eac10107b0f90d9d1e9c3caa74@%3Cuser.cassandra.apache.org%3E', 'name': '[cassandra-user] 20190809 cassandra does not start with new systemd version', 'tags': ['Third Party Advisory'], 'refsource': 'MLIST'}
  • () https://lists.apache.org/thread.html/5960a34a524848cd722fd7ab7e2227eac10107b0f90d9d1e9c3caa74%40%3Cuser.cassandra.apache.org%3E -

Information

Published : 2019-01-14 22:29

Updated : 2024-11-21 03:53


NVD link : CVE-2018-16888

Mitre link : CVE-2018-16888

CVE.ORG link : CVE-2018-16888


JSON object : View

Products Affected

redhat

  • enterprise_linux

canonical

  • ubuntu_linux

netapp

  • element_software
  • active_iq_performance_analytics_services

systemd_project

  • systemd
CWE
CWE-250

Execution with Unnecessary Privileges

CWE-269

Improper Privilege Management