CVE-2016-10156

EPSS 0.81%
Published 23.01.2017 07:59:00
Last modified 20.04.2025 01:37:25
Source cve@mitre.org
Teams watchlist Login
Open Login

A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229.

Affected products Warnungen 0 Metrics 3 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Systemd Project ≫ Systemd Version228

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.81%	0.72

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

http://www.securityfocus.com/bid/95790

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1037686

https://bugzilla.suse.com/show_bug.cgi?id=1020601

Issue Tracking

https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e

Patch

Third Party Advisory

Issue Tracking

https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f

Patch

Third Party Advisory

Issue Tracking

https://www.exploit-db.com/exploits/41171/

https://nvd.nist.gov/vuln/detail/CVE-2016-10156

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-10156

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-10156

EUVD