Lucene search

[email protected]CVE-2019-6454

HistoryMar 21, 2019 - 4:01 p.m.

CVE-2019-6454

2019-03-2116:01:08

CWE-787

[email protected]

web.nvd.nist.gov

374

cve-2019-6454

sd-bus

systemd

denial of service

vulnerability

nvd

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.2%

JSON

An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit this by sending a specially crafted message to PID1, causing the stack pointer to jump over the stack guard pages into an unmapped memory region and trigger a denial of service (systemd PID1 crash and kernel panic).

Affected configurations

NVD

Node

systemd_projectsystemdMatch239

Node

opensuseleapMatch15.0

Node

netappactive_iq_performance_analytics_servicesMatch-

Node

debiandebian_linuxMatch8.0

debiandebian_linuxMatch9.0

Node

fedoraprojectfedoraMatch29

Node

canonicalubuntu_linuxMatch16.04lts

canonicalubuntu_linuxMatch18.04lts

canonicalubuntu_linuxMatch18.10

Node

redhatenterprise_linuxMatch8.0

redhatenterprise_linux_compute_node_eusMatch7.5

redhatenterprise_linux_desktopMatch7.0

redhatenterprise_linux_eusMatch7.4

redhatenterprise_linux_eusMatch7.5

redhatenterprise_linux_eusMatch8.1

redhatenterprise_linux_eusMatch8.2

redhatenterprise_linux_eusMatch8.4

redhatenterprise_linux_for_ibm_z_systems_eusMatch7.4

redhatenterprise_linux_for_ibm_z_systems_eusMatch7.5

redhatenterprise_linux_for_ibm_z_systems_eusMatch8.1

redhatenterprise_linux_for_ibm_z_systems_eusMatch8.2

redhatenterprise_linux_for_ibm_z_systems_eusMatch8.4

redhatenterprise_linux_for_power_big_endian_eusMatch7.4

redhatenterprise_linux_for_power_little_endianMatch8.0

redhatenterprise_linux_for_power_little_endian_eusMatch7.4

redhatenterprise_linux_for_power_little_endian_eusMatch7.5

redhatenterprise_linux_for_power_little_endian_eusMatch8.1

redhatenterprise_linux_for_power_little_endian_eusMatch8.2

redhatenterprise_linux_for_power_little_endian_eusMatch8.4

redhatenterprise_linux_serverMatch7.0

redhatenterprise_linux_server_ausMatch7.3

redhatenterprise_linux_server_ausMatch7.4

redhatenterprise_linux_server_ausMatch7.6

redhatenterprise_linux_server_ausMatch8.2

redhatenterprise_linux_server_ausMatch8.4

redhatenterprise_linux_server_eusMatch7.6

redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch7.3

redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch7.4

redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.0

redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.1

redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsMatch8.2

redhatenterprise_linux_server_tusMatch7.3

redhatenterprise_linux_server_tusMatch7.4

redhatenterprise_linux_server_tusMatch7.6

redhatenterprise_linux_server_tusMatch8.2

redhatenterprise_linux_server_tusMatch8.4

redhatenterprise_linux_server_update_services_for_sap_solutionsMatch7.3

redhatenterprise_linux_server_update_services_for_sap_solutionsMatch7.4

redhatenterprise_linux_server_update_services_for_sap_solutionsMatch8.0

redhatenterprise_linux_server_update_services_for_sap_solutionsMatch8.1

redhatenterprise_linux_server_update_services_for_sap_solutionsMatch8.2

redhatenterprise_linux_workstationMatch7.0

Node

mcafeeweb_gatewayRange<7.7.2.21

mcafeeweb_gatewayRange7.8.0–7.8.2.8

mcafeeweb_gatewayRange8.0.0–8.1.1

CPENameOperatorVersion
systemd_project:systemdsystemd project systemdeq239

CPE	Name	Operator	Version
systemd_project:systemd	systemd project systemd	eq	239

References

lists.opensuse.org/opensuse-security-announce/2019-02/msg00070.html

lists.opensuse.org/opensuse-security-announce/2019-05/msg00062.html

www.openwall.com/lists/oss-security/2019/02/18/3

www.openwall.com/lists/oss-security/2019/02/19/1

www.openwall.com/lists/oss-security/2021/07/20/2

www.securityfocus.com/bid/107081

access.redhat.com/errata/RHSA-2019:0368

access.redhat.com/errata/RHSA-2019:0990

access.redhat.com/errata/RHSA-2019:1322

access.redhat.com/errata/RHSA-2019:1502

access.redhat.com/errata/RHSA-2019:2805

github.com/systemd/systemd/commits/master/src/libsystemd/sd-bus/bus-objects.c

kc.mcafee.com/corporate/index?page=content&id=SB10278

lists.debian.org/debian-lts-announce/2019/02/msg00031.html

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N67IOBOTDOMVNQJ5QRU2MXLEECXPGNVJ/

security.netapp.com/advisory/ntap-20190327-0004/

usn.ubuntu.com/3891-1/

www.debian.org/security/2019/dsa-4393

Social References

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.2%

JSON

Related for CVE-2019-6454