Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2019-3843
Severity
7.8HIGH
EPSS
0.1%
top 68.89%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Timeline
PublishedApr 26
Latest updateMay 24
Description
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages3 packages
Also affects: Fedora 30, Ubuntu Linux 16.04, 18.04, 19.10
Patches
🔴Vulnerability Details
4GHSA▶
GHSA-54p3-x8px-4jp3: It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient se↗2022-05-24
CVEList▶
CVE-2019-3843: It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient se↗2019-04-26
OSV▶
CVE-2019-3843: It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient se↗2019-04-26
💥Exploits & PoCs
1Exploit-DB
▶
📋Vendor Advisories
4Microsoft▶
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated↗2019-04-09
Debian▶
CVE-2019-3843: systemd - It was discovered that a systemd service that uses DynamicUser property can crea...↗2019