Vulnerabilities > CVE-2019-3844

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
systemd-project
canonical
netapp
nessus
exploit available

Summary

It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.

Vulnerable Configurations

Part Description Count
Application
Systemd_Project
133
Application
Netapp
3
OS
Canonical
3
OS
Netapp
1
Hardware
Netapp
1

Exploit-Db

idEDB-ID:46760
last seen2019-04-26
modified2019-04-26
published2019-04-26
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/46760
titlesystemd - DynamicUser can Create setuid Binaries when Assisted by Another Process

Nessus

  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-3_0-0024_SYSTEMD.NASL
    descriptionAn update of the systemd package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id128160
    published2019-08-26
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128160
    titlePhoton OS 3.0: Systemd PHSA-2019-3.0-0024
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from VMware Security Advisory PHSA-2019-3.0-0024. The text
    # itself is copyright (C) VMware, Inc.
    
    include("compat.inc");
    
    if (description)
    {
      script_id(128160);
      script_version("1.2");
      script_cvs_date("Date: 2019/09/24 11:01:33");
    
      script_cve_id("CVE-2019-3843", "CVE-2019-3844", "CVE-2019-6454");
      script_bugtraq_id(107081);
    
      script_name(english:"Photon OS 3.0: Systemd PHSA-2019-3.0-0024");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote PhotonOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "An update of the systemd package has been released.");
      script_set_attribute(attribute:"see_also", value:"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0024.md");
      script_set_attribute(attribute:"solution", value:
    "Update the affected Linux packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3844");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/31");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/26");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:vmware:photonos:systemd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:photonos:3.0");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"PhotonOS Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/PhotonOS/release", "Host/PhotonOS/rpm-list");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/PhotonOS/release");
    if (isnull(release) || release !~ "^VMware Photon") audit(AUDIT_OS_NOT, "PhotonOS");
    if (release !~ "^VMware Photon (?:Linux|OS) 3\.0(\D|$)") audit(AUDIT_OS_NOT, "PhotonOS 3.0");
    
    if (!get_kb_item("Host/PhotonOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "PhotonOS", cpu);
    
    flag = 0;
    
    if (rpm_check(release:"PhotonOS-3.0", reference:"systemd-239-12.ph3")) flag++;
    if (rpm_check(release:"PhotonOS-3.0", reference:"systemd-debuginfo-239-12.ph3")) flag++;
    if (rpm_check(release:"PhotonOS-3.0", reference:"systemd-devel-239-12.ph3")) flag++;
    if (rpm_check(release:"PhotonOS-3.0", reference:"systemd-lang-239-12.ph3")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "systemd");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1661.NASL
    descriptionAccording to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow a cooperating process to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future when the GID will be recycled.(CVE-2019-3844) - It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future when the UID/GID will be recycled.(CVE-2019-3843) - In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set a XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the
    last seen2020-05-03
    modified2019-06-27
    plugin id126288
    published2019-06-27
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126288
    titleEulerOS 2.0 SP8 : systemd (EulerOS-SA-2019-1661)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(126288);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/05/01");
    
      script_cve_id(
        "CVE-2019-3842",
        "CVE-2019-3843",
        "CVE-2019-3844"
      );
    
      script_name(english:"EulerOS 2.0 SP8 : systemd (EulerOS-SA-2019-1661)");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS host is missing multiple security updates.");
      script_set_attribute(attribute:"description", value:
    "According to the versions of the systemd packages installed, the
    EulerOS installation on the remote host is affected by the following
    vulnerabilities :
    
      - It was discovered that a systemd service that uses
        DynamicUser property can get new privileges through the
        execution of SUID binaries, which would allow a
        cooperating process to create binaries owned by the
        service transient group with the setgid bit set. A
        local attacker may use this flaw to access resources
        that will be owned by a potentially different service
        in the future when the GID will be
        recycled.(CVE-2019-3844)
    
      - It was discovered that a systemd service that uses
        DynamicUser property can create a SUID/SGID binary that
        would be allowed to run as the transient service
        UID/GID even after the service is terminated. A local
        attacker may use this flaw to access resources that
        will be owned by a potentially different service in the
        future when the UID/GID will be
        recycled.(CVE-2019-3843)
    
      - In systemd before v242-rc4, it was discovered that
        pam_systemd does not properly sanitize the environment
        before using the XDG_SEAT variable. It is possible for
        an attacker, in some particular configurations, to set
        a XDG_SEAT environment variable which allows for
        commands to be checked against polkit policies using
        the 'allow_active' element rather than
        'allow_any'.(CVE-2019-3842)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1661
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?edc44c28");
      script_set_attribute(attribute:"solution", value:
    "Update the affected systemd packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2019/06/27");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/06/27");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-container");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-journal-remote");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-pam");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-udev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-udev-compat");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
      script_exclude_keys("Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0");
    
    sp = get_kb_item("Host/EulerOS/sp");
    if (isnull(sp) || sp !~ "^(8)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8");
    
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP8", "EulerOS UVP " + uvp);
    
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);
    
    flag = 0;
    
    pkgs = ["systemd-239-3.h24.eulerosv2r8",
            "systemd-container-239-3.h24.eulerosv2r8",
            "systemd-devel-239-3.h24.eulerosv2r8",
            "systemd-journal-remote-239-3.h24.eulerosv2r8",
            "systemd-libs-239-3.h24.eulerosv2r8",
            "systemd-pam-239-3.h24.eulerosv2r8",
            "systemd-udev-239-3.h24.eulerosv2r8",
            "systemd-udev-compat-239-3.h24.eulerosv2r8"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", sp:"8", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "systemd");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-1794.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1794 advisory. - systemd: services with DynamicUser can create SUID/SGID binaries (CVE-2019-3843) - systemd: services with DynamicUser can get new privileges and create SGID binaries (CVE-2019-3844) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-04-30
    modified2020-04-28
    plugin id136046
    published2020-04-28
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136046
    titleRHEL 8 : systemd (RHSA-2020:1794)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from Red Hat Security Advisory RHSA-2020:1794. The text
    # itself is copyright (C) Red Hat, Inc.
    #
    
    
    include('compat.inc');
    
    if (description)
    {
      script_id(136046);
      script_version("1.2");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/04/29");
    
      script_cve_id("CVE-2019-3843", "CVE-2019-3844");
      script_bugtraq_id(108096, 108116);
      script_xref(name:"RHSA", value:"2020:1794");
    
      script_name(english:"RHEL 8 : systemd (RHSA-2020:1794)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote Red Hat host is missing one or more security updates.");
      script_set_attribute(attribute:"description", value:
    "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as
    referenced in the RHSA-2020:1794 advisory.
    
      - systemd: services with DynamicUser can create SUID/SGID
        binaries (CVE-2019-3843)
    
      - systemd: services with DynamicUser can get new
        privileges and create SGID binaries (CVE-2019-3844)
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/266.html");
      script_set_attribute(attribute:"see_also", value:"https://cwe.mitre.org/data/definitions/268.html");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2020:1794");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-3843");
      script_set_attribute(attribute:"see_also", value:"https://access.redhat.com/security/cve/CVE-2019-3844");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1684607");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/1684610");
      script_set_attribute(attribute:"solution", value:
    "Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3844");
    
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(266, 268);
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/04/26");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/04/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/04/28");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8::baseos");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:systemd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:systemd-container");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:systemd-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:systemd-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:systemd-journal-remote");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:systemd-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:systemd-pam");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:systemd-tests");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:systemd-udev");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Red Hat Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include('audit.inc');
    include('global_settings.inc');
    include('misc_func.inc');
    include('rpm.inc');
    
    if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item('Host/RedHat/release');
    if (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');
    os_ver = os_ver[1];
    if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);
    
    if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item('Host/cpu');
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);
    
    pkgs = [
        {'reference':'systemd-239-29.el8', 'cpu':'aarch64', 'release':'8'},
        {'reference':'systemd-239-29.el8', 'cpu':'i686', 'release':'8'},
        {'reference':'systemd-239-29.el8', 'cpu':'s390x', 'release':'8'},
        {'reference':'systemd-239-29.el8', 'cpu':'x86_64', 'release':'8'},
        {'reference':'systemd-container-239-29.el8', 'cpu':'aarch64', 'release':'8'},
        {'reference':'systemd-container-239-29.el8', 'cpu':'i686', 'release':'8'},
        {'reference':'systemd-container-239-29.el8', 'cpu':'s390x', 'release':'8'},
        {'reference':'systemd-container-239-29.el8', 'cpu':'x86_64', 'release':'8'},
        {'reference':'systemd-debugsource-239-29.el8', 'cpu':'aarch64', 'release':'8'},
        {'reference':'systemd-debugsource-239-29.el8', 'cpu':'i686', 'release':'8'},
        {'reference':'systemd-debugsource-239-29.el8', 'cpu':'s390x', 'release':'8'},
        {'reference':'systemd-debugsource-239-29.el8', 'cpu':'x86_64', 'release':'8'},
        {'reference':'systemd-devel-239-29.el8', 'cpu':'aarch64', 'release':'8'},
        {'reference':'systemd-devel-239-29.el8', 'cpu':'i686', 'release':'8'},
        {'reference':'systemd-devel-239-29.el8', 'cpu':'s390x', 'release':'8'},
        {'reference':'systemd-devel-239-29.el8', 'cpu':'x86_64', 'release':'8'},
        {'reference':'systemd-journal-remote-239-29.el8', 'cpu':'aarch64', 'release':'8'},
        {'reference':'systemd-journal-remote-239-29.el8', 'cpu':'s390x', 'release':'8'},
        {'reference':'systemd-journal-remote-239-29.el8', 'cpu':'x86_64', 'release':'8'},
        {'reference':'systemd-libs-239-29.el8', 'cpu':'aarch64', 'release':'8'},
        {'reference':'systemd-libs-239-29.el8', 'cpu':'i686', 'release':'8'},
        {'reference':'systemd-libs-239-29.el8', 'cpu':'s390x', 'release':'8'},
        {'reference':'systemd-libs-239-29.el8', 'cpu':'x86_64', 'release':'8'},
        {'reference':'systemd-pam-239-29.el8', 'cpu':'aarch64', 'release':'8'},
        {'reference':'systemd-pam-239-29.el8', 'cpu':'s390x', 'release':'8'},
        {'reference':'systemd-pam-239-29.el8', 'cpu':'x86_64', 'release':'8'},
        {'reference':'systemd-tests-239-29.el8', 'cpu':'aarch64', 'release':'8'},
        {'reference':'systemd-tests-239-29.el8', 'cpu':'s390x', 'release':'8'},
        {'reference':'systemd-tests-239-29.el8', 'cpu':'x86_64', 'release':'8'},
        {'reference':'systemd-udev-239-29.el8', 'cpu':'aarch64', 'release':'8'},
        {'reference':'systemd-udev-239-29.el8', 'cpu':'s390x', 'release':'8'},
        {'reference':'systemd-udev-239-29.el8', 'cpu':'x86_64', 'release':'8'}
    ];
    
    flag = 0;
    foreach package_array ( pkgs ) {
      reference = NULL;
      release = NULL;
      sp = NULL;
      cpu = NULL;
      el_string = NULL;
      rpm_spec_vers_cmp = NULL;
      epoch = NULL;
      if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
      if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];
      if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
      if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
      if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
      if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
      if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
      if (reference && release) {
        if (rpm_spec_vers_cmp) {
          if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:TRUE)) flag++;
        }
        else
        {
          if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch)) flag++;
        }
      }
    }
    
    if (flag)
    {
      security_report_v4(
          port       : 0,
          severity   : SECURITY_WARNING,
          extra      : rpm_report_get() + redhat_report_package_caveat()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'systemd / systemd-container / systemd-debugsource / etc');
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1364-1.NASL
    descriptionThis update for systemd fixes the following issues : Security issues fixed : CVE-2019-3842: Fixed a privilege escalation in pam_systemd which could be exploited by a local user (bsc#1132348). CVE-2019-6454: Fixed a denial of service via crafted D-Bus message (bsc#1125352). CVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where services with DynamicUser could gain new privileges or create SUID/SGID binaries (bsc#1133506, bsc#1133509). Non-security issued fixed: logind: fix killing of scopes (bsc#1125604) namespace: make MountFlags=shared work again (bsc#1124122) rules: load drivers only on
    last seen2020-06-01
    modified2020-06-02
    plugin id125537
    published2019-05-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125537
    titleSUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:1364-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2019:1364-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(125537);
      script_version("1.4");
      script_cvs_date("Date: 2020/01/15");
    
      script_cve_id("CVE-2019-3842", "CVE-2019-3843", "CVE-2019-3844", "CVE-2019-6454");
    
      script_name(english:"SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:1364-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for systemd fixes the following issues :
    
    Security issues fixed :
    
    CVE-2019-3842: Fixed a privilege escalation in pam_systemd which could
    be exploited by a local user (bsc#1132348).
    
    CVE-2019-6454: Fixed a denial of service via crafted D-Bus message
    (bsc#1125352).
    
    CVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where
    services with DynamicUser could gain new privileges or create
    SUID/SGID binaries (bsc#1133506, bsc#1133509).
    
    Non-security issued fixed: logind: fix killing of scopes (bsc#1125604)
    
    namespace: make MountFlags=shared work again (bsc#1124122)
    
    rules: load drivers only on 'add' events (bsc#1126056)
    
    sysctl: Don't pass null directive argument to '%s' (bsc#1121563)
    
    systemd-coredump: generate a stack trace of all core dumps and log
    into the journal (jsc#SLE-5933)
    
    udevd: notify when max number value of children is reached only once
    per batch of events (bsc#1132400)
    
    sd-bus: bump message queue size again (bsc#1132721)
    
    Do not automatically online memory on s390x (bsc#1127557)
    
    Removed sg.conf (bsc#1036463)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1036463"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1121563"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1124122"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1125352"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1125604"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1126056"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1127557"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1130230"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1132348"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1132400"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1132721"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1133506"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1133509"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-3842/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-3843/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-3844/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2019-6454/"
      );
      # https://www.suse.com/support/update/announcement/2019/suse-su-20191364-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?9d71e703"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Module for Open Buildservice Development Tools
    15:zypper in -t patch
    SUSE-SLE-Module-Development-Tools-OBS-15-2019-1364=1
    
    SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch
    SUSE-SLE-Module-Basesystem-15-2019-1364=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3844");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsystemd0");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsystemd0-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsystemd0-32bit-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsystemd0-mini");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libsystemd0-mini-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libudev-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libudev-mini-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libudev-mini1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libudev-mini1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libudev1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libudev1-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libudev1-32bit-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libudev1-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nss-myhostname");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nss-myhostname-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nss-mymachines");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nss-mymachines-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nss-systemd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:nss-systemd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-32bit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-32bit-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-container");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-container-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-coredump");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-coredump-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-logger");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-mini");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-mini-container-mini");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-mini-container-mini-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-mini-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-mini-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-mini-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-mini-sysvinit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:systemd-sysvinit");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:udev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:udev-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:udev-mini");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:udev-mini-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/05/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/29");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0", os_ver + " SP" + sp);
    if (os_ver == "SLED15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libsystemd0-32bit-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libsystemd0-32bit-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libudev1-32bit-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libudev1-32bit-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"systemd-32bit-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"systemd-32bit-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libsystemd0-mini-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libsystemd0-mini-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libudev-mini-devel-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libudev-mini1-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libudev-mini1-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"nss-myhostname-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"nss-myhostname-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"nss-mymachines-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"nss-mymachines-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"nss-systemd-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"nss-systemd-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-debugsource-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-logger-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-mini-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-mini-container-mini-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-mini-container-mini-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-mini-coredump-mini-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-mini-coredump-mini-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-mini-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-mini-debugsource-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-mini-devel-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-mini-sysvinit-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"udev-mini-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"udev-mini-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libsystemd0-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libsystemd0-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libudev-devel-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libudev1-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libudev1-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-container-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-container-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-coredump-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-coredump-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-debugsource-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-devel-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"systemd-sysvinit-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"udev-234-24.30.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"udev-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libsystemd0-32bit-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libsystemd0-32bit-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libudev1-32bit-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libudev1-32bit-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"systemd-32bit-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"systemd-32bit-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libsystemd0-mini-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libsystemd0-mini-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libudev-mini-devel-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libudev-mini1-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libudev-mini1-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"nss-myhostname-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"nss-myhostname-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"nss-mymachines-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"nss-mymachines-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"nss-systemd-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"nss-systemd-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-debugsource-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-logger-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-mini-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-mini-container-mini-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-mini-container-mini-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-mini-coredump-mini-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-mini-coredump-mini-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-mini-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-mini-debugsource-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-mini-devel-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-mini-sysvinit-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"udev-mini-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"udev-mini-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libsystemd0-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libsystemd0-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libudev-devel-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libudev1-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libudev1-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-container-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-container-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-coredump-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-coredump-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-debuginfo-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-debugsource-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-devel-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"systemd-sysvinit-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"udev-234-24.30.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"udev-debuginfo-234-24.30.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "systemd");
    }
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4269-1.NASL
    descriptionIt was discovered that systemd incorrectly handled certain PIDFile files. A local attacker could possibly use this issue to trick systemd into killing privileged processes. This issue only affected Ubuntu 16.04 LTS. (CVE-2018-16888) It was discovered that systemd incorrectly handled certain udevadm trigger commands. A local attacker could possibly use this issue to cause systemd to consume resources, leading to a denial of service. (CVE-2019-20386) Jann Horn discovered that systemd incorrectly handled services that use the DynamicUser property. A local attacker could possibly use this issue to access resources owned by a different service in the future. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-3843, CVE-2019-3844) Tavis Ormandy discovered that systemd incorrectly handled certain Polkit queries. A local attacker could use this issue to cause systemd to crash, resulting in a denial of service, or possibly execute arbitrary code and escalate privileges. (CVE-2020-1712). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id133523
    published2020-02-06
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133523
    titleUbuntu 16.04 LTS / 18.04 LTS / 19.10 : systemd vulnerabilities (USN-4269-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-4269-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(133523);
      script_version("1.2");
      script_cvs_date("Date: 2020/02/10");
    
      script_cve_id("CVE-2018-16888", "CVE-2019-20386", "CVE-2019-3843", "CVE-2019-3844", "CVE-2020-1712");
      script_xref(name:"USN", value:"4269-1");
    
      script_name(english:"Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : systemd vulnerabilities (USN-4269-1)");
      script_summary(english:"Checks dpkg output for updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Ubuntu host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "It was discovered that systemd incorrectly handled certain PIDFile
    files. A local attacker could possibly use this issue to trick systemd
    into killing privileged processes. This issue only affected Ubuntu
    16.04 LTS. (CVE-2018-16888)
    
    It was discovered that systemd incorrectly handled certain udevadm
    trigger commands. A local attacker could possibly use this issue to
    cause systemd to consume resources, leading to a denial of service.
    (CVE-2019-20386)
    
    Jann Horn discovered that systemd incorrectly handled services that
    use the DynamicUser property. A local attacker could possibly use this
    issue to access resources owned by a different service in the future.
    This issue only affected Ubuntu 18.04 LTS. (CVE-2019-3843,
    CVE-2019-3844)
    
    Tavis Ormandy discovered that systemd incorrectly handled certain
    Polkit queries. A local attacker could use this issue to cause systemd
    to crash, resulting in a denial of service, or possibly execute
    arbitrary code and escalate privileges. (CVE-2020-1712).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/4269-1/"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected systemd package."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:systemd");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.10");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/14");
      script_set_attribute(attribute:"patch_publication_date", value:"2020/02/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/06");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("misc_func.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(16\.04|18\.04|19\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04 / 18.04 / 19.10", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    flag = 0;
    
    if (ubuntu_check(osver:"16.04", pkgname:"systemd", pkgver:"229-4ubuntu21.27")) flag++;
    if (ubuntu_check(osver:"18.04", pkgname:"systemd", pkgver:"237-3ubuntu10.38")) flag++;
    if (ubuntu_check(osver:"19.10", pkgname:"systemd", pkgver:"242-7ubuntu3.6")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "systemd");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-2319.NASL
    descriptionAccording to the versions of the systemd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.(CVE-2019-3843) - It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.(CVE-2019-3844) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id131484
    published2019-12-03
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131484
    titleEulerOS Virtualization for ARM 64 3.0.3.0 : systemd (EulerOS-SA-2019-2319)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(131484);
      script_version("1.2");
      script_cvs_date("Date: 2019/12/10");
    
      script_cve_id(
        "CVE-2019-3843",
        "CVE-2019-3844"
      );
    
      script_name(english:"EulerOS Virtualization for ARM 64 3.0.3.0 : systemd (EulerOS-SA-2019-2319)");
      script_summary(english:"Checks the rpm output for the updated packages.");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote EulerOS Virtualization for ARM 64 host is missing multiple security
    updates.");
      script_set_attribute(attribute:"description", value:
    "According to the versions of the systemd packages installed, the
    EulerOS Virtualization for ARM 64 installation on the remote host is
    affected by the following vulnerabilities :
    
      - It was discovered that a systemd service that uses
        DynamicUser property can create a SUID/SGID binary that
        would be allowed to run as the transient service
        UID/GID even after the service is terminated. A local
        attacker may use this flaw to access resources that
        will be owned by a potentially different service in the
        future, when the UID/GID will be
        recycled.(CVE-2019-3843)
    
      - It was discovered that a systemd service that uses
        DynamicUser property can get new privileges through the
        execution of SUID binaries, which would allow to create
        binaries owned by the service transient group with the
        setgid bit set. A local attacker may use this flaw to
        access resources that will be owned by a potentially
        different service in the future, when the GID will be
        recycled.(CVE-2019-3844)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the EulerOS security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues.");
      # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2319
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3efa94e4");
      script_set_attribute(attribute:"solution", value:
    "Update the affected systemd packages.");
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2019/12/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/03");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-container");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-journal-remote");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-libs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-pam");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-udev");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:systemd-udev-compat");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:uvp:3.0.3.0");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Huawei Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/uvp_version");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/EulerOS/release");
    if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
    uvp = get_kb_item("Host/EulerOS/uvp_version");
    if (uvp != "3.0.3.0") audit(AUDIT_OS_NOT, "EulerOS Virtualization 3.0.3.0");
    if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
    if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);
    
    flag = 0;
    
    pkgs = ["systemd-239-3.h56.eulerosv2r8",
            "systemd-container-239-3.h56.eulerosv2r8",
            "systemd-devel-239-3.h56.eulerosv2r8",
            "systemd-journal-remote-239-3.h56.eulerosv2r8",
            "systemd-libs-239-3.h56.eulerosv2r8",
            "systemd-pam-239-3.h56.eulerosv2r8",
            "systemd-udev-239-3.h56.eulerosv2r8",
            "systemd-udev-compat-239-3.h56.eulerosv2r8"];
    
    foreach (pkg in pkgs)
      if (rpm_check(release:"EulerOS-2.0", reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "systemd");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1364-2.NASL
    descriptionThis update for systemd fixes the following issues : Security issues fixed : CVE-2019-3842: Fixed a privilege escalation in pam_systemd which could be exploited by a local user (bsc#1132348). CVE-2019-6454: Fixed a denial of service via crafted D-Bus message (bsc#1125352). CVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where services with DynamicUser could gain new privileges or create SUID/SGID binaries (bsc#1133506, bsc#1133509). Non-security issued fixed: logind: fix killing of scopes (bsc#1125604) namespace: make MountFlags=shared work again (bsc#1124122) rules: load drivers only on
    last seen2020-06-01
    modified2020-06-02
    plugin id126736
    published2019-07-16
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126736
    titleSUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:1364-2)

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/152635/GS20190425225218.txt
idPACKETSTORM:152635
last seen2019-04-26
published2019-04-25
reporterJann Horn
sourcehttps://packetstormsecurity.com/files/152635/systemd-DynamicUser-SetUID-Binary-Creation.html
titlesystemd DynamicUser SetUID Binary Creation

Redhat

advisories
bugzilla
id1808940
titlecpuset controller group not created for qemu vm
oval
OR
  • commentRed Hat Enterprise Linux must be installed
    ovaloval:com.redhat.rhba:tst:20070304026
  • AND
    • commentRed Hat Enterprise Linux 8 is installed
      ovaloval:com.redhat.rhba:tst:20193384074
    • OR
      • AND
        • commentsystemd-debugsource is earlier than 0:239-29.el8
          ovaloval:com.redhat.rhsa:tst:20201794001
        • commentsystemd-debugsource is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20190990016
      • AND
        • commentsystemd-udev is earlier than 0:239-29.el8
          ovaloval:com.redhat.rhsa:tst:20201794003
        • commentsystemd-udev is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20190990018
      • AND
        • commentsystemd-tests is earlier than 0:239-29.el8
          ovaloval:com.redhat.rhsa:tst:20201794005
        • commentsystemd-tests is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20190990004
      • AND
        • commentsystemd-pam is earlier than 0:239-29.el8
          ovaloval:com.redhat.rhsa:tst:20201794007
        • commentsystemd-pam is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20190990002
      • AND
        • commentsystemd-libs is earlier than 0:239-29.el8
          ovaloval:com.redhat.rhsa:tst:20201794009
        • commentsystemd-libs is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20152092016
      • AND
        • commentsystemd-journal-remote is earlier than 0:239-29.el8
          ovaloval:com.redhat.rhsa:tst:20201794011
        • commentsystemd-journal-remote is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20190990012
      • AND
        • commentsystemd-devel is earlier than 0:239-29.el8
          ovaloval:com.redhat.rhsa:tst:20201794013
        • commentsystemd-devel is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20152092020
      • AND
        • commentsystemd-container is earlier than 0:239-29.el8
          ovaloval:com.redhat.rhsa:tst:20201794015
        • commentsystemd-container is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhsa:tst:20190990010
      • AND
        • commentsystemd is earlier than 0:239-29.el8
          ovaloval:com.redhat.rhsa:tst:20201794017
        • commentsystemd is signed with Red Hat redhatrelease2 key
          ovaloval:com.redhat.rhba:tst:20152092014
rhsa
idRHSA-2020:1794
released2020-04-28
severityModerate
titleRHSA-2020:1794: systemd security, bug fix, and enhancement update (Moderate)
rpms
  • systemd-0:239-29.el8
  • systemd-container-0:239-29.el8
  • systemd-container-debuginfo-0:239-29.el8
  • systemd-debuginfo-0:239-29.el8
  • systemd-debugsource-0:239-29.el8
  • systemd-devel-0:239-29.el8
  • systemd-journal-remote-0:239-29.el8
  • systemd-journal-remote-debuginfo-0:239-29.el8
  • systemd-libs-0:239-29.el8
  • systemd-libs-debuginfo-0:239-29.el8
  • systemd-pam-0:239-29.el8
  • systemd-pam-debuginfo-0:239-29.el8
  • systemd-tests-0:239-29.el8
  • systemd-tests-debuginfo-0:239-29.el8
  • systemd-udev-0:239-29.el8
  • systemd-udev-debuginfo-0:239-29.el8