Arch Linux: Access restriction bypass (CVE-2019-15718)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:L/Au:N/C:P/I:P/A:N) | Sep 4, 2019 | Jul 11, 2025 | Nov 27, 2025 |
Description
An improper authorization flaw was discovered in systemd-resolved before v234 in the way it configures the exposed DBus interface org.freedesktop.resolve1. An unprivileged local attacker could call all DBus methods, even those marked as privileged operations. An attacker could abuse this flaw to change the DNS, Search Domain, LLMNR, DNSSEC and other network link settings without any authorization, gaining control of the network name resolution process and causing the system to communicate with wrong or malicious servers. Those operations should be performed only by a high-privileged user.
Solution
arch-linux-upgrade-latest
References
- CVE-2019-15718
- https://attackerkb.com/topics/CVE-2019-15718
- http://www.openwall.com/lists/oss-security/2019/09/03/1
- https://access.redhat.com/errata/RHSA-2019:3592
- https://access.redhat.com/errata/RHSA-2019:3941
- https://bugzilla.redhat.com/show_bug.cgi?id=1746057
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRE5IS24XTF5WNZGH2L7GSQJKARBOEGL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HIKGKXZ5OEGOEYURHLJHEMFYNLEGAW5B/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2WNHRJW4XI6H5YMDG4BUFGPAXWUMUVG/
- https://security.archlinux.org/ASA-201910-3
- https://www.openwall.com/lists/oss-security/2019/09/03/1