Package systemd
Status Vulnerable
Severity Medium
Type arbitrary file overwrite
Affected 239.2-1
Fixed Unknown
Current 239.300-2 [testing]
239.300-1 [core]
Ticket Create
Created Thu Feb 15 22:17:57 2018
Issue Severity Remote Type Description
CVE-2018-6954 Medium No Arbitrary file overwrite
systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of...
Looks like the real fix for this issue has been merged and will make it to 240 (https://github.com/systemd/systemd/pull/8822).