Description
A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.
CVSS Metrics
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Attack Vector
- local
- Complexity
- low
- Privileges
- low
- User Action
- none
- Scope
- unchanged
- Confidentiality
- high
- Integrity
- high
- Availability
- high
- Weaknesses
- CWE-502CWE-502
Metadata
- Primary Vendor
- CANONICAL
- Published
- 10/26/2018
- Last Modified
- 6/9/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
canonical : ubuntu_linuxcanonical : ubuntu_linuxcanonical : ubuntu_linuxdebian : debian_linuxsystemd_project : systemdoracle : communications_cloud_native_core_network_function_cloud_native_environment
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.