CVE-2018-16888
Severity
4.7MEDIUM
EPSS
0.2%
top 63.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
PublishedJan 14
Latest updateMay 13
Description
It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other services and/or privileged processes. Versions before v237 are vulnerable.
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6
Affected Packages4 packages
Also affects: Ubuntu Linux 16.04, 18.04, 19.10, Enterprise Linux 7.0
Patches
🔴Vulnerability Details
4GHSA▶
GHSA-34mm-3fgq-qjxq: It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes↗2022-05-13
CVEList▶
CVE-2018-16888: It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes↗2019-01-14
OSV▶
CVE-2018-16888: It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes↗2019-01-14
📋Vendor Advisories
4💬Community
1Bugzilla
▶