CVE-2020-13776

Priority
Description
systemd through v245 mishandles numerical usernames such as ones composed
of decimal digits or 0x followed by hex digits, as demonstrated by use of
root privileges when privileges of the 0x0 user account were intended.
NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.
Mitigation
mdeslaur> Do not create systemd service units with a User= value set to
mdeslaur> a numerical username or a username that starts with 0x
Notes
mdeslaur> The administrator would have to create a systemd service unit
with a numerical username or a username starting with 0x as a
User= value, and that particular userid would need to exist on
the system. Setting priority to low due to this unlikely
scenario.

Fixing this requires an extensive backport that refactors
integer parsing in systemd and the risk of regressions stemming
from the behavioural change outweighs the severity of this
issue. We will not be fixing this issue in stable Ubuntu
releases.
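
Since stable releases stay unpatched, the mitigation can be checked mechanically. The script below is an added example, not part of the tracker entry or of systemd: it lists unit files and drop-ins whose User= value is all decimal digits or starts with 0x. The function names and the choice to also flag uppercase 0X are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the advisory: list unit files whose User= value is
# all decimal digits or starts with 0x, the cases the mitigation says to avoid.

# Succeeds when VALUE is a username the mitigation warns about.
# Assumption: uppercase 0X is flagged too, as a conservative choice.
risky_user_value() {
    case "$1" in
        '')        return 1 ;;   # empty assignment
        0[xX]*)    return 0 ;;   # starts with 0x
        *[!0-9]*)  return 1 ;;   # contains a non-digit: ordinary name
        *)         return 0 ;;   # decimal digits only
    esac
}

# Print "FILE: User=VALUE" for each risky assignment under the given directories.
# Sections are not tracked, so any User= line in a unit or drop-in is checked.
scan_units() {
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        find "$dir" -type f \( -name '*.service' -o -name '*.socket' \
            -o -name '*.mount' -o -name '*.swap' -o -name '*.conf' \) |
        while IFS= read -r unit; do
            # Keep only the value of User= lines; comment lines do not match.
            sed -n 's/^[[:space:]]*User[[:space:]]*=[[:space:]]*\(.*[^[:space:]]\)[[:space:]]*$/\1/p' "$unit" |
            while IFS= read -r value; do
                if risky_user_value "$value"; then
                    printf '%s: User=%s\n' "$unit" "$value"
                fi
            done
        done
    done
}

# Usage: sh check-user.sh /etc/systemd/system /usr/lib/systemd/system
if [ "$#" -gt 0 ]; then
    scan_units "$@"
fi
```

Any line it prints names a unit to review: rename the account or point User= at a non-numerical username.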
Package
Upstream: released (246-2)
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 14.04 ESM (Trusty Tahr): ignored
Ubuntu 16.04 LTS (Xenial Xerus): ignored
Ubuntu 18.04 LTS (Bionic Beaver): ignored
Ubuntu 20.04 LTS (Focal Fossa): ignored
Ubuntu 20.10 (Groovy Gorilla): not-affected (246.6-1ubuntu1)
Patches:
Upstream: https://github.com/systemd/systemd/commit/156a5fd297b61bce31630d7a52c15614bf784843
Upstream: https://github.com/systemd/systemd/commit/6495ceddf38aed2c9efdcf9d3440140190800b55

Updated: 2020-10-15 16:16:23 UTC (commit 6d0f0f15f4e1ea619c3f7bb51be0c2a289cb51c3)