USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes.
We apologize for the inconvenience.
Original advisory details:
Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. (CVE-2018-15686)
Jann Horn discovered a race condition in chown_one(). A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-15687)
It was discovered that systemd-tmpfiles mishandled symlinks in non-terminal path components. A local attacker could potentially exploit this by gaining ownership of certain files to obtain root privileges. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-6954)
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libnss-myhostname", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libnss-myhostname-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libnss-mymachines", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libnss-mymachines-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libnss-resolve", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libnss-resolve-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libpam-systemd", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libpam-systemd-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libsystemd-dev", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libsystemd-dev-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libsystemd0", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libsystemd0-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libudev-dev", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libudev-dev-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libudev1", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libudev1-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libudev1-udeb", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "libudev1-udeb-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "systemd", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "systemd-container", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "systemd-container-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "systemd-coredump", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "systemd-coredump-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "systemd-dbg", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "systemd-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "systemd-journal-remote", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "systemd-journal-remote-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "systemd-sysv", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "systemd-sysv-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "udev", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "udev-dbgsym", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "udev-udeb", "binary_version": "229-4ubuntu21.9" }, { "binary_name": "udev-udeb-dbgsym", "binary_version": "229-4ubuntu21.9" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libnss-myhostname", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libnss-myhostname-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libnss-mymachines", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libnss-mymachines-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libnss-resolve", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libnss-resolve-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libnss-systemd", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libnss-systemd-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libpam-systemd", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libpam-systemd-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libsystemd-dev", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libsystemd0", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libsystemd0-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libudev-dev", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libudev1", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libudev1-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "libudev1-udeb", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "systemd", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "systemd-container", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "systemd-container-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "systemd-coredump", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "systemd-coredump-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "systemd-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "systemd-journal-remote", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "systemd-journal-remote-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "systemd-sysv", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "systemd-tests", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "systemd-tests-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "udev", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "udev-dbgsym", "binary_version": "237-3ubuntu10.9" }, { "binary_name": "udev-udeb", "binary_version": "237-3ubuntu10.9" } ] }