openEuler update for systemd
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2020-13776 CVE-2017-1000082 |
| CWE-ID | CWE-20 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
openEuler Operating systems & Components / Operating system systemd-help Operating systems & Components / Operating system package or component systemd-udev Operating systems & Components / Operating system package or component systemd-debuginfo Operating systems & Components / Operating system package or component systemd-debugsource Operating systems & Components / Operating system package or component systemd-udev-compat Operating systems & Components / Operating system package or component systemd-libs Operating systems & Components / Operating system package or component systemd-journal-remote Operating systems & Components / Operating system package or component systemd-devel Operating systems & Components / Operating system package or component systemd-container Operating systems & Components / Operating system package or component systemd Operating systems & Components / Operating system package or component |
| Vendor | openEuler |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU29539
Risk: Low
CVSSv4.0: 7.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Clear]
CVE-ID: CVE-2020-13776
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to systemd mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP1 - 20.03 LTS SP3
systemd-help: before 243-50
systemd-udev: before 243-50
systemd-debuginfo: before 243-50
systemd-debugsource: before 243-50
systemd-udev-compat: before 243-50
systemd-libs: before 243-50
systemd-journal-remote: before 243-50
systemd-devel: before 243-50
systemd-container: before 243-50
systemd: before 243-50
CPE2.3- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP2:*:*:*:*:*:*
- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP3:*:*:*:*:*:*
- cpe:2.3:a:openeuler:systemd-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-udev:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-udev-compat:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-journal-remote:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-container:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1538
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU29540
Risk: Low
CVSSv4.0: 7.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Clear]
CVE-ID: CVE-2017-1000082
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to systemd fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended.
MitigationInstall updates from vendor's repository.
Vulnerable software versionsopenEuler: 20.03 LTS SP1 - 20.03 LTS SP3
systemd-help: before 243-50
systemd-udev: before 243-50
systemd-debuginfo: before 243-50
systemd-debugsource: before 243-50
systemd-udev-compat: before 243-50
systemd-libs: before 243-50
systemd-journal-remote: before 243-50
systemd-devel: before 243-50
systemd-container: before 243-50
systemd: before 243-50
CPE2.3- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP1:*:*:*:*:*:*
- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP2:*:*:*:*:*:*
- cpe:2.3:o:openeuler:openeuler:20.03:LTS SP3:*:*:*:*:*:*
- cpe:2.3:a:openeuler:systemd-help:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-udev:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-debuginfo:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-debugsource:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-udev-compat:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-libs:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-journal-remote:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-devel:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd-container:*:*:*:*:*:openeuler:*:*
- cpe:2.3:a:openeuler:systemd:*:*:*:*:*:openeuler:*:*
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-1538
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
