Arbitrary File Permission Vulnerability in systemd (CVE-2018-16865)

Arbitrary File Permission Vulnerability in systemd (CVE-2018-16865)

CVE-2018-15687 · HIGH Severity

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.

Learn more about our Web Application Penetration Testing UK.