CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
47.6%
It was discovered that systemd incorrectly handled certain PIDFile files.
A local attacker could possibly use this issue to trick systemd into
killing privileged processes. This issue only affected Ubuntu 16.04 LTS.
(CVE-2018-16888)
It was discovered that systemd incorrectly handled certain udevadm trigger
commands. A local attacker could possibly use this issue to cause systemd
to consume resources, leading to a denial of service. (CVE-2019-20386)
Jann Horn discovered that systemd incorrectly handled services that use the
DynamicUser property. A local attacker could possibly use this issue to
access resources owned by a different service in the future. This issue
only affected Ubuntu 18.04 LTS. (CVE-2019-3843, CVE-2019-3844)
Tavis Ormandy discovered that systemd incorrectly handled certain Polkit
queries. A local attacker could use this issue to cause systemd to crash,
resulting in a denial of service, or possibly execute arbitrary code and
escalate privileges. (CVE-2020-1712)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 19.10 | noarch | systemd | < 242-7ubuntu3.6 | UNKNOWN |
Ubuntu | 19.10 | noarch | libnss-myhostname | < 242-7ubuntu3.6 | UNKNOWN |
Ubuntu | 19.10 | noarch | libnss-myhostname-dbgsym | < 242-7ubuntu3.6 | UNKNOWN |
Ubuntu | 19.10 | noarch | libnss-mymachines | < 242-7ubuntu3.6 | UNKNOWN |
Ubuntu | 19.10 | noarch | libnss-mymachines-dbgsym | < 242-7ubuntu3.6 | UNKNOWN |
Ubuntu | 19.10 | noarch | libnss-resolve | < 242-7ubuntu3.6 | UNKNOWN |
Ubuntu | 19.10 | noarch | libnss-resolve-dbgsym | < 242-7ubuntu3.6 | UNKNOWN |
Ubuntu | 19.10 | noarch | libnss-systemd | < 242-7ubuntu3.6 | UNKNOWN |
Ubuntu | 19.10 | noarch | libnss-systemd-dbgsym | < 242-7ubuntu3.6 | UNKNOWN |
Ubuntu | 19.10 | noarch | libpam-systemd | < 242-7ubuntu3.6 | UNKNOWN |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
47.6%