CVE-2018-16888

CVE-2018-16888

It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other services and/or privileged processes. Versions before v237 are vulnerable.

Source: CVE-2018-16888

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다