It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID will be recycled.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2019-04-26T20:26:53
Updated: 2024-08-04T19:19:18.587Z
Reserved: 2019-01-03T00:00:00
Link: CVE-2019-3844
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-04-26T21:29:00.423
Modified: 2024-11-21T04:42:41.240
Link: CVE-2019-3844
Redhat