PT-2019-1769 · Linux+5 · Systemd+5

Chris Coulson

Published

2019-01-01

Updated

2025-11-07

CVE-2019-6454

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions systemd versions prior to 241-alt2

Description A buffer overflow vulnerability exists in the bus process object() function within systemd. An unprivileged local user can exploit this flaw by sending a specially crafted D-Bus message to PID1, potentially causing a denial of service (systemd PID1 crash and kernel panic). The vulnerability stems from insufficient input validation when handling the path field of a D-Bus message, leading to a stack buffer overflow.

Recommendations Update systemd to version 241-alt2 or later.

Exploit

Fix

DoS

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119

Related Identifiers

ALT-PU-2019-1000

ALT-PU-2019-1265

BDU:2019-01413

CESA-2019_0368

CESA-2019_0990

CVE-2019-6454

DLA-1684-1

DSA-4393-1

OPENSUSE-SU-2019:0255-1

OPENSUSE-SU-2019_0255-1

OPENSUSE-SU-2019_0268-1

OPENSUSE-SU-2019_1450-1

OPENSUSE-SU-2024:11420-1

RHSA-2019:0368

RHSA-2019:0457

RHSA-2019:0461

RHSA-2019:0990

RHSA-2019:1322

RHSA-2019:1502

RHSA-2019:2805

RHSA-2019_0368

RHSA-2019_0990

SUSE-SU-2019:0424-1

SUSE-SU-2019:0425-1

SUSE-SU-2019:0425-2

SUSE-SU-2019:0426-1

SUSE-SU-2019:0428-1

SUSE-SU-2019:1265-1

SUSE-SU-2019:1364-1

SUSE-SU-2019:1364-2

SUSE-SU-2019_0424-1

SUSE-SU-2019_0425-1

SUSE-SU-2019_0425-2

SUSE-SU-2019_0426-1

USN-3891-1

Affected Products

Alt Linux

Centos

Red Hat

Suse

Ubuntu

Systemd

PT-2019-1769 · Linux+5 · Systemd+5

CVE-2019-6454

Weakness Enumeration

Related Identifiers

Affected Products

References · 102