USN-3816-3

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/USN-3816-3

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3816-3.json

JSON Data

https://api.osv.dev/v1/vulns/USN-3816-3

Published

2018-11-27T19:18:44Z

Modified

2026-02-10T04:41:26Z

Summary

systemd regression

Details

USN-3816-1 fixed vulnerabilities in systemd. The fix for CVE-2018-6954 caused a regression in systemd-tmpfiles when running Ubuntu inside a container on some older kernels. This issue only affected Ubuntu 16.04 LTS. In order to continue to support this configuration, the fixes for CVE-2018-6954 have been reverted.

We apologize for the inconvenience.

Original advisory details:

Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. (CVE-2018-15686)

Jann Horn discovered a race condition in chown_one(). A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-15687)

It was discovered that systemd-tmpfiles mishandled symlinks in non-terminal path components. A local attacker could potentially exploit this by gaining ownership of certain files to obtain root privileges. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-6954)

References

Affected packages

Ubuntu:16.04:LTS / systemd

Package

Name: systemd
Purl: pkg:deb/ubuntu/systemd@229-4ubuntu21.10?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

229-4ubuntu21.10

Affected versions

Other

225-1ubuntu9

227-2ubuntu1

227-2ubuntu2

228-1ubuntu2

228-2ubuntu1

228-2ubuntu2

228-3ubuntu1

228-4ubuntu1

228-4ubuntu2

228-5ubuntu1

228-5ubuntu2

228-5ubuntu3

228-6ubuntu1

229-1ubuntu2

229-1ubuntu4

229-2ubuntu1

229-3ubuntu1

229-3ubuntu2

229-4ubuntu1

229-4ubuntu4

229-4ubuntu5

229-4ubuntu6

229-4ubuntu7

229-4ubuntu8

229-4ubuntu10

229-4ubuntu11

229-4ubuntu12

229-4ubuntu13

229-4ubuntu16

229-4ubuntu17

229-4ubuntu19

229-4ubuntu20

229-4ubuntu21

229-4ubuntu21.*

229-4ubuntu21.1

229-4ubuntu21.2

229-4ubuntu21.3

229-4ubuntu21.4

229-4ubuntu21.5

229-4ubuntu21.6

229-4ubuntu21.8

229-4ubuntu21.9

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "libnss-myhostname"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "libnss-mymachines"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "libnss-resolve"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "libpam-systemd"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "libsystemd-dev"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "libsystemd0"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "libudev-dev"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "libudev1"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "systemd"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "systemd-container"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "systemd-coredump"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "systemd-journal-remote"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "systemd-sysv"
        },
        {
            "binary_version": "229-4ubuntu21.10",
            "binary_name": "udev"
        }
    ],
    "availability": "No subscription required"
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3816-3.json"

cves_map

{
    "ecosystem": "Ubuntu:16.04:LTS",
    "cves": []
}