CVE-2018-15686 log

Source
Severity High
Remote No
Type Privilege escalation
Description
A security issue has been found in systemd up to and including 239, where the use of fgets() allows an attacker to escalate privilege via a crafted service with NotifyAccess.
Group Package Affected Fixed Severity Status Ticket
AVG-789 systemd 239.2-1 239.300-1 Critical Fixed FS#60609
Date Advisory Group Package Severity Description
07 Nov 2018 ASA-201811-11 AVG-789 systemd Critical multiple issues
References
https://bugs.chromium.org/p/project-zero/issues/detail?id=1687
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1796402
https://github.com/systemd/systemd/pull/10447
https://github.com/systemd/systemd/pull/10450