CVE-2019-3843

HIGH

Systemd < 242 - Improper Privilege Management

Title source: rule

Description

It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.

Exploits (1)

exploitdb WORKING POC

doslinux

https://www.exploit-db.com/exploits/46760

View Code ZIP pw:eip

References (7)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/108116

[Issue Tracking, Patch, Third Party Advisory] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3843

[Mailing List] https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E

[Mailing List] https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20190619-0002/

[Third Party Advisory] https://usn.ubuntu.com/4269-1/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5JXQAKSTMABZ46EVCRMW62DHWYHTTFES/

Scores

CVSS v3 7.8

EPSS 0.0012

EPSS Percentile 30.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-269 CWE-266

Status published

Products (9)

canonical/ubuntu_linux 16.04

canonical/ubuntu_linux 18.04

canonical/ubuntu_linux 19.10

fedoraproject/fedora 30

netapp/cn1610_firmware

netapp/hci_management_node

netapp/snapprotect

netapp/solidfire

systemd_project/systemd < 242

Published Apr 26, 2019

Tracked Since Feb 18, 2026