PT-2020-5133 · Systemd+6 · Systemd+6

Hexiaowen

Published

2019-09-05

Updated

2024-06-15

CVE-2019-20386

CVSS v3.1

5.1

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions systemd versions prior to 243

Description The issue is related to a memory leak in the systemd subsystem, specifically in the button open function in login/logind-button.c. This memory leak may occur when executing the udevadm trigger command. The exploitation of this issue could allow an attacker to cause a denial of service.

Recommendations For versions prior to 243, update to version 243 or later to resolve the issue. As a temporary workaround, consider restricting the use of the udevadm trigger command until a patch is available.

Fix

Memory Leak

Missing Release of Resource after Effective Lifetime

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-772

Related Identifiers

ALT-PU-2019-2645

ALT-PU-2020-1301

BDU:2020-05729

CESA-2020_4007

CESA-2020_4553

CVE-2019-20386

MGASA-2020-0094

OPENSUSE-SU-2020:0208-1

OPENSUSE-SU-2020_0208-1

OPENSUSE-SU-2024:11420-1

RHSA-2020:4007

RHSA-2020:4553

RHSA-2020_4007

RHSA-2020_4553

SUSE-SU-2020:0335-1

SUSE-SU-2020:1828-1

SUSE-SU-2020:1842-1

SUSE-SU-2020_0335-1

SUSE-SU-2020_1828-1

SUSE-SU-2020_1842-1

USN-4269-1

Affected Products

Alt Linux

Astra Linux

Centos

Red Hat

Suse

Ubuntu

Systemd

PT-2020-5133 · Systemd+6 · Systemd+6

CVE-2019-20386

Weakness Enumeration

Related Identifiers

Affected Products

References · 79