ArchLinux: 201910-3: systemd: access restriction bypass

    Date03 Oct 2019
    CategoryArchLinux
    391
    Posted ByLinuxSecurity Advisories
    The package systemd before version 243.0-1 is vulnerable to access restriction bypass.
    Arch Linux Security Advisory ASA-201910-3
    =========================================
    
    Severity: Medium
    Date    : 2019-10-02
    CVE-ID  : CVE-2019-15718
    Package : systemd
    Type    : access restriction bypass
    Remote  : No
    Link    : https://security.archlinux.org/AVG-1035
    
    Summary
    =======
    
    The package systemd before version 243.0-1 is vulnerable to access
    restriction bypass.
    
    Resolution
    ==========
    
    Upgrade to 243.0-1.
    
    # pacman -Syu "systemd>=243.0-1"
    
    The problem has been fixed upstream in version 243.0.
    
    Workaround
    ==========
    
    None.
    
    Description
    ===========
    
    An improper authorization flaw was discovered in systemd-resolved
    before v234 in the way it configures the exposed DBus interface
    org.freedesktop.resolve1. An unprivileged local attacker could call all
    DBus methods, even when marked as privileged operations. An attacker
    could abuse this flaw by changing the DNS, Search Domain, LLMNR, DNSSEC
    and other network link settings without any authorization, allowing
    control of the network names resolution process and cause the system to
    communicate with wrong or malicious servers. Those operations should be
    performed only by an high-privileged user.
    
    Impact
    ======
    
    A local unprivileged attacker is able to change the DNS, Search Domain,
    LLMNR, DNSSEC and other network link settings without any
    authorization, allowing control of the network names resolution process
    and cause the system to communicate with wrong or malicious servers.
    
    References
    ==========
    
    https://www.openwall.com/lists/oss-security/2019/09/03/1
    https://bugzilla.redhat.com/show_bug.cgi?id=1746057
    https://github.com/systemd/systemd/commit/d93d10c3d101a73fe70d24154fd744a48371f002
    https://github.com/systemd/systemd/pull/13457
    https://security.archlinux.org/CVE-2019-15718
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"25","type":"x","order":"1","pct":54.35,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":10.87,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"16","type":"x","order":"3","pct":34.78,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.