Mageia 7: MGASA-2021-0304 Critical: Systemd Privilege Escalation
mageia
June 30, 2021
A flaw was found in systemd, where it mishandles numerical usernames beginning with decimal digits, or "0x" followed by hexadecimal digits
Summary
A flaw was found in systemd, where it mishandles numerical usernames beginning
with decimal digits, or "0x" followed by hexadecimal digits. When the usernames
are used by systemd, for example in service units, an unexpected user may be
used instead. In some particular configurations, this flaw allows local
attackers to elevate their privileges (CVE-2020-13776).
References
- https://bugs.mageia.org/show_bug.cgi?id=27043
- https://access.redhat.com/errata/RHSA-2021:1611
- https://www.cve.org/CVERecord?id=CVE-2020-13776
Topics Covered
Resolution
SRPMS
- 7/core/systemd-241-8.6.mga7
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 30 Jun 2021
URL: https://advisories.mageia.org/MGASA-2021-0304.html
Type: security
CVE: CVE-2020-13776
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!