UBUNTU-CVE-2020-13776

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2020-13776

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2020/UBUNTU-CVE-2020-13776.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2020-13776

Related

CVE-2020-13776

Published

2020-06-03T03:15:00Z

Modified

2020-06-03T03:15:00Z

Severity

6.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.

References

Affected packages

Ubuntu:Pro:14.04:LTS / systemd

Package

Name: systemd
Purl: pkg:deb/ubuntu/systemd?arch=src?distro=trusty/esm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

Other

204-0ubuntu18

204-0ubuntu19

204-5ubuntu3

204-5ubuntu5

204-5ubuntu6

204-5ubuntu7

204-5ubuntu8

204-5ubuntu9

204-5ubuntu10

204-5ubuntu11

204-5ubuntu13

204-5ubuntu14

204-5ubuntu15

204-5ubuntu16

204-5ubuntu17

204-5ubuntu18

204-5ubuntu19

204-5ubuntu20

204-5ubuntu20.*

204-5ubuntu20.2

204-5ubuntu20.3

204-5ubuntu20.4

204-5ubuntu20.5

204-5ubuntu20.6

204-5ubuntu20.7

204-5ubuntu20.8

204-5ubuntu20.9

204-5ubuntu20.10

204-5ubuntu20.11

204-5ubuntu20.12

204-5ubuntu20.13

204-5ubuntu20.14

204-5ubuntu20.15

204-5ubuntu20.18

204-5ubuntu20.19

204-5ubuntu20.20

204-5ubuntu20.21

204-5ubuntu20.22

204-5ubuntu20.24

204-5ubuntu20.25

204-5ubuntu20.26

204-5ubuntu20.28

204-5ubuntu20.29

204-5ubuntu20.31

204-5ubuntu20.31+esm2

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:Pro:16.04:LTS / systemd

Package

Name: systemd
Purl: pkg:deb/ubuntu/systemd?arch=src?distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

Other

225-1ubuntu9

227-2ubuntu1

227-2ubuntu2

228-1ubuntu2

228-2ubuntu1

228-2ubuntu2

228-3ubuntu1

228-4ubuntu1

228-4ubuntu2

228-5ubuntu1

228-5ubuntu2

228-5ubuntu3

228-6ubuntu1

229-1ubuntu2

229-1ubuntu4

229-2ubuntu1

229-3ubuntu1

229-3ubuntu2

229-4ubuntu1

229-4ubuntu4

229-4ubuntu5

229-4ubuntu6

229-4ubuntu7

229-4ubuntu8

229-4ubuntu10

229-4ubuntu11

229-4ubuntu12

229-4ubuntu13

229-4ubuntu16

229-4ubuntu17

229-4ubuntu19

229-4ubuntu20

229-4ubuntu21

229-4ubuntu21.*

229-4ubuntu21.1

229-4ubuntu21.2

229-4ubuntu21.3

229-4ubuntu21.4

229-4ubuntu21.5

229-4ubuntu21.6

229-4ubuntu21.8

229-4ubuntu21.9

229-4ubuntu21.10

229-4ubuntu21.15

229-4ubuntu21.16

229-4ubuntu21.17

229-4ubuntu21.19

229-4ubuntu21.21

229-4ubuntu21.22

229-4ubuntu21.23

229-4ubuntu21.27

229-4ubuntu21.28

229-4ubuntu21.29

229-4ubuntu21.31

229-4ubuntu21.31+esm1

229-4ubuntu21.31+esm3

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:Pro:18.04:LTS / systemd

Package

Name: systemd
Purl: pkg:deb/ubuntu/systemd?arch=src?distro=esm-infra/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

Other

234-2ubuntu12

235-2ubuntu3

235-3ubuntu2

235-3ubuntu3

237-3ubuntu3

237-3ubuntu4

237-3ubuntu6

237-3ubuntu7

237-3ubuntu8

237-3ubuntu10

237-3ubuntu10.*

237-3ubuntu10.2

237-3ubuntu10.3

237-3ubuntu10.4

237-3ubuntu10.6

237-3ubuntu10.9

237-3ubuntu10.11

237-3ubuntu10.12

237-3ubuntu10.13

237-3ubuntu10.15

237-3ubuntu10.17

237-3ubuntu10.19

237-3ubuntu10.20

237-3ubuntu10.21

237-3ubuntu10.22

237-3ubuntu10.23

237-3ubuntu10.24

237-3ubuntu10.25

237-3ubuntu10.26

237-3ubuntu10.28

237-3ubuntu10.29

237-3ubuntu10.31

237-3ubuntu10.33

237-3ubuntu10.38

237-3ubuntu10.39

237-3ubuntu10.40

237-3ubuntu10.41

237-3ubuntu10.42

237-3ubuntu10.43

237-3ubuntu10.44

237-3ubuntu10.45

237-3ubuntu10.46

237-3ubuntu10.47

237-3ubuntu10.48

237-3ubuntu10.49

237-3ubuntu10.50

237-3ubuntu10.51

237-3ubuntu10.52

237-3ubuntu10.53

237-3ubuntu10.54

237-3ubuntu10.56

237-3ubuntu10.57

Ecosystem specific

{
    "ubuntu_priority": "low"
}

Ubuntu:20.04:LTS / systemd

Package

Name: systemd
Purl: pkg:deb/ubuntu/systemd?arch=src?distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

Other

242-7ubuntu3

243-2ubuntu1

243-3ubuntu1

244-3ubuntu1

244.*

244.1-0ubuntu2

244.1-0ubuntu3

244.2-1ubuntu1

244.3-1ubuntu1

245.*

245.2-1ubuntu1

245.2-1ubuntu2

245.4-2ubuntu1

245.4-4ubuntu1

245.4-4ubuntu3

245.4-4ubuntu3.1

245.4-4ubuntu3.2

245.4-4ubuntu3.3

245.4-4ubuntu3.4

245.4-4ubuntu3.5

245.4-4ubuntu3.6

245.4-4ubuntu3.7

245.4-4ubuntu3.10

245.4-4ubuntu3.11

245.4-4ubuntu3.13

245.4-4ubuntu3.14

245.4-4ubuntu3.15

245.4-4ubuntu3.16

245.4-4ubuntu3.17

245.4-4ubuntu3.18

245.4-4ubuntu3.19

245.4-4ubuntu3.20

245.4-4ubuntu3.21

245.4-4ubuntu3.22

245.4-4ubuntu3.23

245.4-4ubuntu3.24

Ecosystem specific

{
    "ubuntu_priority": "low"
}