suse · CVE-2018-15686

Quick triage

Priority: medium Published: 2021-05-30 14:15:59 UTC Updated: 2025-11-05 03:25:30 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-15686 severity moderate: SUSE including 688 source package names (0.1.0:libsystemd0-234-24.15.1, 0.1.0:libudev1-234-24.15.1, …), 1417 product×package rows across 216 product lines (Container caasp/v4/389-ds, Container caasp/v4/busybox, … (216 product lines)): Fixed 1260, Known Affected 157.

Description:

A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and including 239.

cvelogic Threat Intelligence