Is CVE-2019-3844 actively exploited?

CVE-2019-3844 has no public evidence of in-the-wild exploitation as of 2024-11-21.

What is the CVSS score for CVE-2019-3844?

CVE-2019-3844 has a CVSS score of 7.8 (HIGH severity). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

How do I patch CVE-2019-3844?

Patch guidance is available from systemd project security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2019-3844.

Fix CVE-2019-3844 - HIGH systemd project systemd

Q: Which products are affected by CVE-2019-3844?

8 products: systemd project systemd, canonical ubuntu linux, canonical ubuntu linux, canonical ubuntu linux, netapp hci management node, and 3 more.

Description

It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.

CVSS Metrics

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: local
Complexity: low
Privileges: low
User Action: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
Weaknesses: CWE-268NVD-CWE-noinfo

Metadata

Primary Vendor: SYSTEMD_PROJECT
Published: 4/26/2019
Last Modified: 11/21/2024
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

systemd_project : systemdcanonical : ubuntu_linuxcanonical : ubuntu_linuxcanonical : ubuntu_linuxnetapp : hci_management_nodenetapp : snapprotectnetapp : solidfirenetapp : cn1610_firmware

Remediation Guidance

Executive Summary

Cite this page

CVE-2019-3844. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2019-3844

View on NIST NVD

CVE-2019-3844 vulnerability