CVE-2016-10156

Published: 1/23/2017 Last updated: 8/6/2024 Reserved: 1/22/2017

A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (2)

conf-libudev ocaml-systemd

Products affected (1)

Product	Vendor	Version
n/a	n/a	Version 1703 for x64-based Systems

References (12)

https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e
https://bugzilla.suse.com/show_bug.cgi?id=1020601
http://www.securitytracker.com/id/1037686
https://www.exploit-db.com/exploits/41171/
http://www.securityfocus.com/bid/95790
https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f
https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e
https://bugzilla.suse.com/show_bug.cgi?id=1020601
http://www.securitytracker.com/id/1037686
https://www.exploit-db.com/exploits/41171/
http://www.securityfocus.com/bid/95790
https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f