CVE-2019-3843

Priority
Description
It was discovered that a systemd service that uses DynamicUser property can
create a SUID/SGID binary that would be allowed to run as the transient
service UID/GID even after the service is terminated. A local attacker may
use this flaw to access resources that will be owned by a potentially
different service in the future, when the UID/GID will be recycled.
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):released (237-3ubuntu10.38)
Ubuntu 19.10 (Eoan Ermine):not-affected (242-7ubuntu3.2)
Ubuntu 20.04 (Focal Fossa):not-affected (244.1-0ubuntu2)
Patches:
Upstream:https://github.com/systemd/systemd/commit/3c27973b13724ede05a06a5d346a569794cda433
Upstream:https://github.com/systemd/systemd/commit/f69567cbe26d09eac9d387c0be0fc32c65a83ada
Upstream:https://github.com/systemd/systemd/commit/9d880b70ba5c6ca83c82952f4c90e86e56c7b70c
Upstream:https://github.com/systemd/systemd/commit/7445db6eb70e8d5989f481d0c5a08ace7047ae5b
Upstream:https://github.com/systemd/systemd/commit/62aa29247c3d74bcec0607c347f2be23cd90675d
Upstream:https://github.com/systemd/systemd/commit/bf65b7e0c9fc215897b676ab9a7c9d1c688143ba
Upstream:https://github.com/systemd/systemd-stable/commit/9e6e543c173460f394ea13c9b2aa572aef1f6833
Upstream:https://github.com/systemd/systemd-stable/commit/3c27973b13724ede05a06a5d346a569794cda433
Upstream:https://github.com/systemd/systemd-stable/commit/167fc10cb352b04d442c9010dab4f8dc24219749
Upstream:https://github.com/systemd/systemd-stable/commit/f69567cbe26d09eac9d387c0be0fc32c65a83ada
Upstream:https://github.com/systemd/systemd-stable/commit/9d880b70ba5c6ca83c82952f4c90e86e56c7b70c
Upstream:https://github.com/systemd/systemd-stable/commit/7445db6eb70e8d5989f481d0c5a08ace7047ae5b
Upstream:https://github.com/systemd/systemd-stable/commit/62aa29247c3d74bcec0607c347f2be23cd90675d
Upstream:https://github.com/systemd/systemd-stable/commit/bf65b7e0c9fc215897b676ab9a7c9d1c688143ba
More Information

Updated: 2020-02-05 18:15:18 UTC (commit 1ebdd381034966b617b2f0962b7d8237bb2694ea)