CVE-2020-1712 log

Severity High
Remote No
Type Privilege escalation
A heap use-after-free vulnerability was found in systemd before version 244.2, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse this flaw to crash systemd services or potentially execute code and elevate their privileges, by sending specially crafted dbus messages.
Group Package Affected Fixed Severity Status Ticket
AVG-1094 systemd 244.1-1 244.2-1 High Fixed
Date Advisory Group Package Severity Type
12 Feb 2020 ASA-202002-8 AVG-1094 systemd High privilege escalation