CVE-2018-16864
CVSS V2 Medium 4.6
CVSS V3 High 7.8
Description
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable.
Overview
- CVE ID
- CVE-2018-16864
- Assigner
- secalert@redhat.com
- Vulnerability Status
- Modified
- Published Version
- 2019-01-11T20:29:00
- Last Modified Date
- 2023-02-13T04:51:52
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:systemd_project:systemd:*:*:*:*:*:*:*:* | 1 | OR | 240 | |
| cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:redhat:enterprise_linux_server:7.4:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:redhat:enterprise_linux_server:7.5:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* | 1 | OR | ||
| cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* | 1 | OR | ||
| cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:a:oracle:enterprise_communications_broker:3.0.0:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:* | 1 | OR |
CVSS Version 2
- Version
- 2.0
- Vector String
- AV:L/AC:L/Au:N/C:P/I:P/A:P
- Access Vector
- LOCAL
- Access Compatibility
- LOW
- Authentication
- NONE
- Confidentiality Impact
- PARTIAL
- Integrity Impact
- PARTIAL
- Availability Impact
- PARTIAL
- Base Score
- 4.6
- Severity
- MEDIUM
- Exploitability Score
- 3.9
- Impact Score
- 6.4
CVSS Version 3
- Version
- 3.1
- Vector String
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Attack Vector
- LOCAL
- Attack Compatibility
- LOW
- Privileges Required
- LOW
- User Interaction
- NONE
- Scope
- UNCHANGED
- Confidentiality Impact
- HIGH
- Availability Impact
- HIGH
- Base Score
- 7.8
- Base Severity
- HIGH
- Exploitability Score
- 1.8
- Impact Score
- 5.9
References
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2018-16864 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16864 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2022-05-10 06:35:41 | Added to TrackCVE | |||
| 2022-12-03 16:21:35 | 2019-01-11T20:29Z | 2019-01-11T20:29:00 | CVE Published Date | updated |
| 2022-12-03 16:21:35 | 2022-01-31T18:31:14 | CVE Modified Date | updated | |
| 2022-12-03 16:21:35 | Analyzed | Vulnerability Status | updated | |
| 2023-02-02 22:09:00 | 2023-02-02T21:18:12 | CVE Modified Date | updated | |
| 2023-02-02 22:09:00 | Analyzed | Modified | Vulnerability Status | updated |
| 2023-02-02 22:09:00 | An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. | An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges. | Description | updated |
| 2023-02-02 22:09:02 | References | updated | ||
| 2023-02-13 05:10:34 | 2023-02-13T04:51:52 | CVE Modified Date | updated | |
| 2023-02-13 05:10:34 | An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges. | An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. | Description | updated |