CVE-2018-15687

HIGH

Canonical Ubuntu Linux < 240 - Race Condition

Title source: rule

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-15687. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a race condition in systemd's chown logic, allowing an attacker to change the permissions of arbitrary files via symlink manipulation. The PoC includes a detailed reproduction scenario and helper code to trigger the vulnerability.

Description

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textlocallinux

https://www.exploit-db.com/exploits/45715

View Code ZIP pw:eip

This exploit demonstrates a race condition in systemd's chown logic, allowing an attacker to change the permissions of arbitrary files via symlink manipulation. The PoC includes a detailed reproduction scenario and helper code to trigger the vulnerability.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Racy

Target: systemd (versions prior to fix for CVE-2018-15687)

Auth required

Prerequisites: Access to a system with vulnerable systemd · Ability to create files and symlinks in a service's StateDirectory · Service configured with Restart=always and StateDirectory

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1222 - File and Directory Permissions Modification

devstral-2 · analyzed Feb 16, 2026 Full analysis →