vulnerability
CentOS Linux: CVE-2020-13776: Moderate: systemd security, bug fix, and enhancement update (CESA-2021:1611)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:H/Au:N/C:C/I:C/A:C) | Jun 3, 2020 | Jun 1, 2021 | May 25, 2023 |
Severity
6
CVSS
(AV:L/AC:H/Au:N/C:C/I:C/A:C)
Published
Jun 3, 2020
Added
Jun 1, 2021
Modified
May 25, 2023
Description
systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.
Solutions
centos-upgrade-systemdcentos-upgrade-systemd-containercentos-upgrade-systemd-container-debuginfocentos-upgrade-systemd-debuginfocentos-upgrade-systemd-debugsourcecentos-upgrade-systemd-develcentos-upgrade-systemd-journal-remotecentos-upgrade-systemd-journal-remote-debuginfocentos-upgrade-systemd-libscentos-upgrade-systemd-libs-debuginfocentos-upgrade-systemd-pamcentos-upgrade-systemd-pam-debuginfocentos-upgrade-systemd-testscentos-upgrade-systemd-tests-debuginfocentos-upgrade-systemd-udevcentos-upgrade-systemd-udev-debuginfo
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.