vulnerability
Red Hat: CVE-2020-13776: CVE-2020-13776 systemd: Mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:H/Au:N/C:C/I:C/A:C) | Jun 3, 2020 | May 21, 2021 | Aug 11, 2025 |
Severity
6
CVSS
(AV:L/AC:H/Au:N/C:C/I:C/A:C)
Published
Jun 3, 2020
Added
May 21, 2021
Modified
Aug 11, 2025
Description
systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.
Solutions
no-fix-redhat-rpm-packageredhat-upgrade-systemdredhat-upgrade-systemd-containerredhat-upgrade-systemd-container-debuginforedhat-upgrade-systemd-debuginforedhat-upgrade-systemd-debugsourceredhat-upgrade-systemd-develredhat-upgrade-systemd-journal-remoteredhat-upgrade-systemd-journal-remote-debuginforedhat-upgrade-systemd-libsredhat-upgrade-systemd-libs-debuginforedhat-upgrade-systemd-pamredhat-upgrade-systemd-pam-debuginforedhat-upgrade-systemd-testsredhat-upgrade-systemd-tests-debuginforedhat-upgrade-systemd-udevredhat-upgrade-systemd-udev-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.