CVE-2018-20839 Information

Description

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/108389
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993
https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f
https://github.com/systemd/systemd/pull/12378
https://security.netapp.com/advisory/ntap-20190530-0002/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

9.8

Base Severity

CRITICAL
