
Arch Linux alert ASA-201910-3 (systemd)

From:  Levente Polyak <anthraxx@archlinux.org>
To:  arch-security@archlinux.org
Subject:  [ASA-201910-3] systemd: access restriction bypass
Date:  Thu, 3 Oct 2019 21:15:04 +0200
Message-ID:  <0a424b8c-d157-fa34-8ba2-c975298bf0d6@archlinux.org>

Arch Linux Security Advisory ASA-201910-3
=========================================

Severity: Medium
Date    : 2019-10-02
CVE-ID  : CVE-2019-15718
Package : systemd
Type    : access restriction bypass
Remote  : No
Link    : https://security.archlinux.org/AVG-1035

Summary
=======

The package systemd before version 243.0-1 is vulnerable to access
restriction bypass.

Resolution
==========

Upgrade to 243.0-1.

# pacman -Syu "systemd>=243.0-1"

The problem has been fixed upstream in version 243.0.

Workaround
==========

None.

Description
===========

An improper authorization flaw was discovered in systemd-resolved
before v234 in the way it configures the exposed DBus interface
org.freedesktop.resolve1. An unprivileged local attacker could call all
DBus methods, even when marked as privileged operations. An attacker
could abuse this flaw by changing the DNS, Search Domain, LLMNR, DNSSEC
and other network link settings without any authorization, allowing
control of the network names resolution process and cause the system to
communicate with wrong or malicious servers. Those operations should be
performed only by a high-privileged user.

Impact
======

A local unprivileged attacker is able to change the DNS, Search Domain,
LLMNR, DNSSEC and other network link settings without any
authorization, allowing control of the network names resolution process
and cause the system to communicate with wrong or malicious servers.

References
==========

https://www.openwall.com/lists/oss-security/2019/09/03/1
https://bugzilla.redhat.com/show_bug.cgi?id=1746057
https://github.com/systemd/systemd/commit/d93d10c3d101a73...
https://github.com/systemd/systemd/pull/13457
https://security.archlinux.org/CVE-2019-15718
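The impact described above is a silent change of per-link DNS servers, so alongside the upgrade a host can be audited for resolvers that do not belong there. The following is an added example, not part of the advisory or of systemd: it parses the text printed by `resolvectl dns` and reports servers outside an allowlist. The sample output, the interface names and the allowlist are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of `resolvectl dns` output (not captured from a real host).
SAMPLE_RESOLVECTL_DNS = """\
Global:
Link 2 (enp0s3): 192.0.2.53 2001:db8::53
Link 3 (wlan0): 198.51.100.7
Link 4 (docker0):
"""

# Assumed site policy: the only resolvers any link is expected to use.
EXPECTED_RESOLVERS = {"192.0.2.53", "2001:db8::53"}

_LINE = re.compile(r"^(?:Global|Link \d+ \((?P<ifname>[^)]+)\)):\s*(?P<servers>.*)$")


def normalize(token):
    """Canonicalize one server token; drop '#name' and '%zone' suffixes."""
    host = token.split("#", 1)[0].split("%", 1)[0]
    try:
        return str(ipaddress.ip_address(host))
    except ValueError:
        return token  # keep unparsable tokens so they get reported, not dropped


def parse_resolvectl_dns(text):
    """Return {scope: [server, ...]} where scope is 'global' or an interface."""
    scopes = {}
    for line in text.splitlines():
        m = _LINE.match(line.strip())
        if m:
            servers = [normalize(t) for t in m.group("servers").split()]
            scopes[m.group("ifname") or "global"] = servers
    return scopes


def unexpected_resolvers(text, expected):
    """Return {scope: [servers not in the allowlist]} for scopes with findings."""
    allowed = {normalize(a) for a in expected}
    findings = {}
    for scope, servers in parse_resolvectl_dns(text).items():
        bad = [s for s in servers if s not in allowed]
        if bad:
            findings[scope] = bad
    return findings


if __name__ == "__main__":
    for scope, bad in unexpected_resolvers(SAMPLE_RESOLVECTL_DNS, EXPECTED_RESOLVERS).items():
        print(f"{scope}: unexpected DNS server(s) {', '.join(bad)}")
```

Resolvers handed out by DHCP are legitimate and need to be in the allowlist, otherwise every lease renewal shows up as a finding.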

