Description
A flaw in /src/basic/fs-util.c in systemd v228 caused world-writable suid files to be created when the systemd timers feature was used, allowing local attackers to escalate their privileges to root. This is fixed in v229.
Exploits (1)
exploitdb
WORKING POC
by Sebastian Krahmer · text · local · linux
https://www.exploit-db.com/exploits/41171
References (6)
Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e
Issue Tracking x_refsource_misc
https://bugzilla.suse.com/show_bug.cgi?id=1020601
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037686
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/41171/
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/95790
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f
Scores
CVSS v3
7.8
EPSS
0.0071
EPSS Percentile
72.4%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-264
Status
published
Products (1)
systemd_project/systemd
228
Published
Jan 23, 2017
Tracked Since
Feb 18, 2026