PT-2018-1713 · Systemd+5

Felix Wilhelm · Published 2018-10-14 · Updated 2024-06-15 · CVE-2018-15688

CVSS v3.1: 8.8 High
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: systemd versions up to and including 239
Description: The issue is caused by incorrect size checking of a temporary buffer in the dhcp6_option_append_ia() function of systemd. This can be exploited by a remote attacker using a specially crafted packet sent to the DHCPv6 server, potentially allowing the execution of arbitrary code or causing a denial of service. The vulnerability affects the dhcp6 client in systemd, allowing a malicious dhcp6 server to overwrite heap memory in systemd-networkd.
Recommendations: For versions up to and including 239, update to a version that includes a fix for this issue to prevent potential exploitation.

Fix

Integer Overflow

Buffer Overflow

Heap Based Buffer Overflow

Weakness Enumeration

Related Identifiers

ALT-PU-2018-2572
ALT-PU-2018-2584
ALT-PU-2019-1000
BDU:2018-01289
CESA-2018_3665
CESA-2019_0049
CVE-2018-15688
DLA-1580-1
OPENSUSE-SU-2018_3695-1
OPENSUSE-SU-2018_3803-1
OPENSUSE-SU-2024:10602-1
OPENSUSE-SU-2024:11420-1
RHSA-2018:3665
RHSA-2018_3665
RHSA-2019:0049
RHSA-2019_0049
SUSE-SU-2018:3644-1
SUSE-SU-2018:3767-1
SUSE-SU-2018:3767-2
USN-3806-1
USN-3807-1

Affected Products

ALT Linux
CentOS
Red Hat
SUSE
Ubuntu
systemd