CVE-2019-15718

Published: Sep 4, 2019Modified: Nov 21, 2024

4.4

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Exploitability: 1.8 / Impact: 2.5

Source: NVD

Description

In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by executing D-Bus methods that should be restricted to privileged users, in order to change the system's DNS resolver settings.

Affected (29)

Products: Systemd Project: Systemd · Fedoraproject: Fedora · Redhat: Enterprise Linux, Enterprise Linux Eus, Enterprise Linux For Ibm Z Systems 8 S390x, Enterprise Linux For Ibm Z Systems Eus, Enterprise Linux For Ibm Z Systems Eus S390x, Enterprise Linux For Power Little Endian, Enterprise Linux For Power Little Endian Eus, Enterprise Linux Server Aus, Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions, Enterprise Linux Server Tus, Enterprise Linux Server Update Services For Sap Solutions, Openshift Container Platform

1 product

1 product

12 products

Enterprise Linux For Ibm Z Systems 8 S390x

Enterprise Linux For Ibm Z Systems Eus

Enterprise Linux For Ibm Z Systems Eus S390x

Enterprise Linux For Power Little Endian

Enterprise Linux For Power Little Endian Eus

Enterprise Linux Server Aus

Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions

Enterprise Linux Server Tus

Enterprise Linux Server Update Services For Sap Solutions

Openshift Container Platform

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Systemd Project Systemd	Version 240

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 29
Fedoraproject Fedora	Version 30
Fedoraproject Fedora	Version 31

Configuration C

25 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 8.0
Redhat Enterprise Linux Eus	Version 8.1
Redhat Enterprise Linux Eus	Version 8.2
Redhat Enterprise Linux Eus	Version 8.4
Redhat Enterprise Linux For Ibm Z Systems 8 S390x	All versions
Redhat Enterprise Linux For Ibm Z Systems Eus	Version 8.1
Redhat Enterprise Linux For Ibm Z Systems Eus	Version 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus	Version 8.4
Redhat Enterprise Linux For Ibm Z Systems Eus S390x	Version 8.1
Redhat Enterprise Linux For Ibm Z Systems Eus S390x	Version 8.2
Redhat Enterprise Linux For Power Little Endian	Version 8.0
Redhat Enterprise Linux For Power Little Endian Eus	Version 8.1
Redhat Enterprise Linux For Power Little Endian Eus	Version 8.2
Redhat Enterprise Linux For Power Little Endian Eus	Version 8.4
Redhat Enterprise Linux Server Aus	Version 8.2
Redhat Enterprise Linux Server Aus	Version 8.4
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	Version 8.1
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	Version 8.2
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions	Version 8.4
Redhat Enterprise Linux Server Tus	Version 8.2
Redhat Enterprise Linux Server Tus	Version 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions	Version 8.1
Redhat Enterprise Linux Server Update Services For Sap Solutions	Version 8.2
Redhat Enterprise Linux Server Update Services For Sap Solutions	Version 8.4
Redhat Openshift Container Platform	Version 4.1