Описание
In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| systemd | fixed | 260~rc2-1 | package | |
| systemd | not-affected | trixie | package | |
| systemd | not-affected | bookworm | package | |
| systemd | not-affected | bullseye | package |
Примечания
https://github.com/systemd/systemd/security/advisories/GHSA-6pwp-j5vg-5j6m
Introduced with: https://github.com/systemd/systemd/commit/adaff8eb35d9c471af81fddaa4403bc5843a256f (v258-rc1)
Fixed by: https://github.com/systemd/systemd/commit/e5a5656b55725b3674419b67a3f0287f37781860 (v260-rc2)
Связанные уязвимости
In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace.
A flaw was found in systemd-machined, a component of systemd. A local attacker can exploit a vulnerability related to how varlink interacts with the root namespace. This can lead to local privilege escalation, allowing the attacker to gain elevated access on the system.
In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace.
In systemd 259 before 260, there is local privilege escalation in systemd-machined because varlink can be used to reach the root namespace.