Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2019-3844
Severity
7.8 HIGH
EPSS
0.2%
top 64.28%
CISA KEV
Not in KEV
Exploit
PoC available
Affected products
Timeline
Published: Apr 26
Latest update: May 24
Description
It was discovered that a systemd service that uses the DynamicUser property can gain new privileges through the execution of SUID binaries, which would allow it to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID is recycled.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9
Affected Packages: 3 packages
Also affects: Ubuntu Linux 16.04, 18.04, 19.10
Patches
Vulnerability Details (4)
GHSA
GHSA-h647-28xp-2hc8: It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would all... (2022-05-24)
OSV
CVE-2019-3844: It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would all... (2019-04-26)
CVEList
CVE-2019-3844: It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would all... (2019-04-26)
Exploits & PoCs (1)
Exploit-DB
Vendor Advisories (4)
Red Hat
Microsoft
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries which would allow to create binaries owned by the service transien... (2019-04-09)
Debian
CVE-2019-3844: systemd - It was discovered that a systemd service that uses DynamicUser property can get ... (2019)