CVE-2018-1049
In systemd prior to 234 a race condition exists between .mount and .automount units such that automount requests from kernel may not be serviced by systemd resulting in kernel holding the mountpoint and any processes that try to use said mount will hang. A race condition like this may lead to denial of service, until mount points are unmounted.
Published : 2018-02-16 21:29 Updated : 2019-10-09 23:38
CVSS Score
More info
Score 4.3 / 10
A vulnerability exploitable with network access means the vulnerable software is bound to the network stack and the attacker does not require local network access or local access. Such a vulnerability is often termed "remotely exploitable". An example of a network attack is an RPC buffer overflow.
The access conditions are somewhat specialized; the following are examples:
- The attacking party is limited to a group of systems or users at some level of authorization, possibly untrusted.
- Some information must be gathered before a successful attack can be launched.
- The affected configuration is non-default, and is not commonly configured (e.g., a vulnerability present when a server performs user account authentication via a specific scheme, but not present for another authentication scheme).
- The attack requires a small amount of social engineering that might occasionally fool cautious users (e.g., phishing attacks that modify a web browsers status bar to show a false link, having to be on someones buddy list before sending an IM exploit).
Authentication is not required to exploit the vulnerability.
There is no impact to the confidentiality of the system.
There is no impact to the integrity of the system.
There is reduced performance or interruptions in resource availability. An example is a network-based flood attack that permits a limited number of successful connections to an Internet service.
| Vendor | Product | Version | URI |
|---|---|---|---|
| Freedesktop | Systemd | 233 | cpe:/a:freedesktop:systemd:233 |
| Redhat | Enterprise Linux | 7.0 | cpe:/o:redhat:enterprise_linux:7.0 |
| Redhat | Enterprise Linux Desktop | 7.0 | cpe:/o:redhat:enterprise_linux_desktop:7.0 |
| Redhat | Enterprise Linux Server | 7.0 | cpe:/o:redhat:enterprise_linux_server:7.0 |
| Redhat | Enterprise Linux Workstation | 7.0 | cpe:/o:redhat:enterprise_linux_workstation:7.0 |
| Canonical | Ubuntu Linux | 14.04 | cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~ |
| Canonical | Ubuntu Linux | 16.04 | cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~ |
| Debian | Debian Linux | 8.0 | cpe:/o:debian:debian_linux:8.0 |
| Redhat | Enterprise Linux Aus | 7.4 | cpe:/o:redhat:enterprise_linux_aus:7.4 |
| Redhat | Enterprise Linux Aus | 7.6 | cpe:/o:redhat:enterprise_linux_aus:7.6 |
| Redhat | Enterprise Linux Server Aus | 7.4 | cpe:/o:redhat:enterprise_linux_server_aus:7.4 |
| Redhat | Enterprise Linux Server Aus | 7.6 | cpe:/o:redhat:enterprise_linux_server_aus:7.6 |
| Redhat | Enterprise Linux Server Eus | 7.4 | cpe:/o:redhat:enterprise_linux_server_eus:7.4 |
| Redhat | Enterprise Linux Server Eus | 7.5 | cpe:/o:redhat:enterprise_linux_server_eus:7.5 |
| Redhat | Enterprise Linux Server Eus | 7.6 | cpe:/o:redhat:enterprise_linux_server_eus:7.6 |
| Redhat | Enterprise Linux Server Tus | 7.4 | cpe:/o:redhat:enterprise_linux_server_tus:7.4 |
| Redhat | Enterprise Linux Server Tus | 7.6 | cpe:/o:redhat:enterprise_linux_server_tus:7.6 |
| Freedesktop | Systemd | 1 | cpe:/a:freedesktop:systemd:1 |
| Freedesktop | Systemd | 2 | cpe:/a:freedesktop:systemd:2 |
| Freedesktop | Systemd | 3 | cpe:/a:freedesktop:systemd:3 |
| Freedesktop | Systemd | 4 | cpe:/a:freedesktop:systemd:4 |
| Freedesktop | Systemd | 5 | cpe:/a:freedesktop:systemd:5 |
| Freedesktop | Systemd | 6 | cpe:/a:freedesktop:systemd:6 |
| Freedesktop | Systemd | 7 | cpe:/a:freedesktop:systemd:7 |
| Freedesktop | Systemd | 8 | cpe:/a:freedesktop:systemd:8 |
| Freedesktop | Systemd | 9 | cpe:/a:freedesktop:systemd:9 |
| Freedesktop | Systemd | 10 | cpe:/a:freedesktop:systemd:10 |
| Freedesktop | Systemd | 11 | cpe:/a:freedesktop:systemd:11 |
| Freedesktop | Systemd | 12 | cpe:/a:freedesktop:systemd:12 |
| Freedesktop | Systemd | 13 | cpe:/a:freedesktop:systemd:13 |
| Freedesktop | Systemd | 14 | cpe:/a:freedesktop:systemd:14 |
| Freedesktop | Systemd | 15 | cpe:/a:freedesktop:systemd:15 |
| Freedesktop | Systemd | 16 | cpe:/a:freedesktop:systemd:16 |
| Freedesktop | Systemd | 17 | cpe:/a:freedesktop:systemd:17 |
| Freedesktop | Systemd | 18 | cpe:/a:freedesktop:systemd:18 |
| Freedesktop | Systemd | 19 | cpe:/a:freedesktop:systemd:19 |
| Freedesktop | Systemd | 20 | cpe:/a:freedesktop:systemd:20 |
| Freedesktop | Systemd | 21 | cpe:/a:freedesktop:systemd:21 |
| Freedesktop | Systemd | 22 | cpe:/a:freedesktop:systemd:22 |
| Freedesktop | Systemd | 23 | cpe:/a:freedesktop:systemd:23 |
| Freedesktop | Systemd | 24 | cpe:/a:freedesktop:systemd:24 |
| Freedesktop | Systemd | 25 | cpe:/a:freedesktop:systemd:25 |
| Freedesktop | Systemd | 26 | cpe:/a:freedesktop:systemd:26 |
| Freedesktop | Systemd | 27 | cpe:/a:freedesktop:systemd:27 |
| Freedesktop | Systemd | 28 | cpe:/a:freedesktop:systemd:28 |
| Freedesktop | Systemd | 29 | cpe:/a:freedesktop:systemd:29 |
| Freedesktop | Systemd | 30 | cpe:/a:freedesktop:systemd:30 |
| Freedesktop | Systemd | 31 | cpe:/a:freedesktop:systemd:31 |
| Freedesktop | Systemd | 32 | cpe:/a:freedesktop:systemd:32 |
| Freedesktop | Systemd | 33 | cpe:/a:freedesktop:systemd:33 |
| Freedesktop | Systemd | 34 | cpe:/a:freedesktop:systemd:34 |
| Freedesktop | Systemd | 35 | cpe:/a:freedesktop:systemd:35 |
| Freedesktop | Systemd | 36 | cpe:/a:freedesktop:systemd:36 |
| Freedesktop | Systemd | 37 | cpe:/a:freedesktop:systemd:37 |
| Freedesktop | Systemd | 38 | cpe:/a:freedesktop:systemd:38 |
| Freedesktop | Systemd | 39 | cpe:/a:freedesktop:systemd:39 |
| Freedesktop | Systemd | 40 | cpe:/a:freedesktop:systemd:40 |
| Freedesktop | Systemd | 41 | cpe:/a:freedesktop:systemd:41 |
| Freedesktop | Systemd | 42 | cpe:/a:freedesktop:systemd:42 |
| Freedesktop | Systemd | 43 | cpe:/a:freedesktop:systemd:43 |
| Freedesktop | Systemd | 44 | cpe:/a:freedesktop:systemd:44 |
| Freedesktop | Systemd | 045 | cpe:/a:freedesktop:systemd:045 |
| Freedesktop | Systemd | 046 | cpe:/a:freedesktop:systemd:046 |
| Freedesktop | Systemd | 047 | cpe:/a:freedesktop:systemd:047 |
| Freedesktop | Systemd | 048 | cpe:/a:freedesktop:systemd:048 |
| Freedesktop | Systemd | 049 | cpe:/a:freedesktop:systemd:049 |
| Freedesktop | Systemd | 050 | cpe:/a:freedesktop:systemd:050 |
| Freedesktop | Systemd | 051 | cpe:/a:freedesktop:systemd:051 |
| Freedesktop | Systemd | 052 | cpe:/a:freedesktop:systemd:052 |
| Freedesktop | Systemd | 053 | cpe:/a:freedesktop:systemd:053 |
| Freedesktop | Systemd | 054 | cpe:/a:freedesktop:systemd:054 |
| Freedesktop | Systemd | 055 | cpe:/a:freedesktop:systemd:055 |
| Freedesktop | Systemd | 056 | cpe:/a:freedesktop:systemd:056 |
| Freedesktop | Systemd | 057 | cpe:/a:freedesktop:systemd:057 |
| Freedesktop | Systemd | 058 | cpe:/a:freedesktop:systemd:058 |
| Freedesktop | Systemd | 059 | cpe:/a:freedesktop:systemd:059 |
| Freedesktop | Systemd | 060 | cpe:/a:freedesktop:systemd:060 |
| Freedesktop | Systemd | 061 | cpe:/a:freedesktop:systemd:061 |
| Freedesktop | Systemd | 062 | cpe:/a:freedesktop:systemd:062 |
| Freedesktop | Systemd | 064 | cpe:/a:freedesktop:systemd:064 |
| Freedesktop | Systemd | 174 | cpe:/a:freedesktop:systemd:174 |
| Freedesktop | Systemd | 175 | cpe:/a:freedesktop:systemd:175 |
| Freedesktop | Systemd | 176 | cpe:/a:freedesktop:systemd:176 |
| Freedesktop | Systemd | 177 | cpe:/a:freedesktop:systemd:177 |
| Freedesktop | Systemd | 178 | cpe:/a:freedesktop:systemd:178 |
| Freedesktop | Systemd | 179 | cpe:/a:freedesktop:systemd:179 |
| Freedesktop | Systemd | 180 | cpe:/a:freedesktop:systemd:180 |
| Freedesktop | Systemd | 181 | cpe:/a:freedesktop:systemd:181 |
| Freedesktop | Systemd | 182 | cpe:/a:freedesktop:systemd:182 |
| Freedesktop | Systemd | 183 | cpe:/a:freedesktop:systemd:183 |
| Freedesktop | Systemd | 184 | cpe:/a:freedesktop:systemd:184 |
| Freedesktop | Systemd | 185 | cpe:/a:freedesktop:systemd:185 |
| Freedesktop | Systemd | 186 | cpe:/a:freedesktop:systemd:186 |
| Freedesktop | Systemd | 187 | cpe:/a:freedesktop:systemd:187 |
| Freedesktop | Systemd | 188 | cpe:/a:freedesktop:systemd:188 |
| Freedesktop | Systemd | 189 | cpe:/a:freedesktop:systemd:189 |
| Freedesktop | Systemd | 190 | cpe:/a:freedesktop:systemd:190 |
| Freedesktop | Systemd | 191 | cpe:/a:freedesktop:systemd:191 |
| Freedesktop | Systemd | 192 | cpe:/a:freedesktop:systemd:192 |
| Freedesktop | Systemd | 193 | cpe:/a:freedesktop:systemd:193 |
| Freedesktop | Systemd | 194 | cpe:/a:freedesktop:systemd:194 |
| Freedesktop | Systemd | 195 | cpe:/a:freedesktop:systemd:195 |
| Freedesktop | Systemd | 196 | cpe:/a:freedesktop:systemd:196 |
| Freedesktop | Systemd | 197 | cpe:/a:freedesktop:systemd:197 |
| Freedesktop | Systemd | 198 | cpe:/a:freedesktop:systemd:198 |
| Freedesktop | Systemd | 199 | cpe:/a:freedesktop:systemd:199 |
| Freedesktop | Systemd | 200 | cpe:/a:freedesktop:systemd:200 |
| Freedesktop | Systemd | 201 | cpe:/a:freedesktop:systemd:201 |
| Freedesktop | Systemd | 202 | cpe:/a:freedesktop:systemd:202 |
| Freedesktop | Systemd | 203 | cpe:/a:freedesktop:systemd:203 |
| Freedesktop | Systemd | 204 | cpe:/a:freedesktop:systemd:204 |
| Freedesktop | Systemd | 205 | cpe:/a:freedesktop:systemd:205 |
| Freedesktop | Systemd | 206 | cpe:/a:freedesktop:systemd:206 |
| Freedesktop | Systemd | 207 | cpe:/a:freedesktop:systemd:207 |
| Freedesktop | Systemd | 208 | cpe:/a:freedesktop:systemd:208 |
| Freedesktop | Systemd | 209 | cpe:/a:freedesktop:systemd:209 |
| Freedesktop | Systemd | 210 | cpe:/a:freedesktop:systemd:210 |
| Freedesktop | Systemd | 211 | cpe:/a:freedesktop:systemd:211 |
| Freedesktop | Systemd | 212 | cpe:/a:freedesktop:systemd:212 |
| Freedesktop | Systemd | 213 | cpe:/a:freedesktop:systemd:213 |
| Freedesktop | Systemd | 214 | cpe:/a:freedesktop:systemd:214 |
| Freedesktop | Systemd | 215 | cpe:/a:freedesktop:systemd:215 |
| Freedesktop | Systemd | 216 | cpe:/a:freedesktop:systemd:216 |
| Freedesktop | Systemd | 217 | cpe:/a:freedesktop:systemd:217 |
| Freedesktop | Systemd | 218 | cpe:/a:freedesktop:systemd:218 |
| Freedesktop | Systemd | 219 | cpe:/a:freedesktop:systemd:219 |
| Freedesktop | Systemd | 220 | cpe:/a:freedesktop:systemd:220 |
| Freedesktop | Systemd | 221 | cpe:/a:freedesktop:systemd:221 |
| Freedesktop | Systemd | 222 | cpe:/a:freedesktop:systemd:222 |
| Freedesktop | Systemd | 223 | cpe:/a:freedesktop:systemd:223 |
| Freedesktop | Systemd | 224 | cpe:/a:freedesktop:systemd:224 |
| Freedesktop | Systemd | 225 | cpe:/a:freedesktop:systemd:225 |
| Freedesktop | Systemd | 226 | cpe:/a:freedesktop:systemd:226 |
| Freedesktop | Systemd | 227 | cpe:/a:freedesktop:systemd:227 |
| Freedesktop | Systemd | 228 | cpe:/a:freedesktop:systemd:228 |
| Freedesktop | Systemd | 229 | cpe:/a:freedesktop:systemd:229 |
| Freedesktop | Systemd | 230 | cpe:/a:freedesktop:systemd:230 |
| Freedesktop | Systemd | 231 | cpe:/a:freedesktop:systemd:231 |
| Freedesktop | Systemd | 232 | cpe:/a:freedesktop:systemd:232 |
-
Freedesktop (1) Search CVE
-
Systemd (123) Search CVE
-
233
-
1
-
2
-
3
-
4
-
5
-
6
-
7
-
8
-
9
-
10
-
11
-
12
-
13
-
14
-
15
-
16
-
17
-
18
-
19
-
20
-
21
-
22
-
23
-
24
-
25
-
26
-
27
-
28
-
29
-
30
-
31
-
32
-
33
-
34
-
35
-
36
-
37
-
38
-
39
-
40
-
41
-
42
-
43
-
44
-
045
-
046
-
047
-
048
-
049
-
050
-
051
-
052
-
053
-
054
-
055
-
056
-
057
-
058
-
059
-
060
-
061
-
062
-
064
-
174
-
175
-
176
-
177
-
178
-
179
-
180
-
181
-
182
-
183
-
184
-
185
-
186
-
187
-
188
-
189
-
190
-
191
-
192
-
193
-
194
-
195
-
196
-
197
-
198
-
199
-
200
-
201
-
202
-
203
-
204
-
205
-
206
-
207
-
208
-
209
-
210
-
211
-
212
-
213
-
214
-
215
-
216
-
217
-
218
-
219
-
220
-
221
-
222
-
223
-
224
-
225
-
226
-
227
-
228
-
229
-
230
-
231
-
232
-
-
-
Redhat (8) Search CVE
-
Enterprise Linux Server Tus (2) Search CVE
-
7.4
-
7.6
-
-
Enterprise Linux Server (1) Search CVE
-
7.0
-
-
Enterprise Linux Desktop (1) Search CVE
-
7.0
-
-
Enterprise Linux Workstation (1) Search CVE
-
7.0
-
-
Enterprise Linux (1) Search CVE
-
7.0
-
-
Enterprise Linux Server Eus (3) Search CVE
-
7.4
-
7.5
-
7.6
-
-
Enterprise Linux Server Aus (2) Search CVE
-
7.4
-
7.6
-
-
Enterprise Linux Aus (2) Search CVE
-
7.4
-
7.6
-
-
-
Debian (1) Search CVE
-
Debian Linux (1) Search CVE
-
8.0
-
-
-
Canonical (1) Search CVE
-
Ubuntu Linux (2) Search CVE
-
14.04
-
16.04
-
-
CWE
| ID | Name | Description | Links | |
|---|---|---|---|---|
| CWE-362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') | The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently. | CVE | |
References
History of changes
| Date | Event | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| 2019-10-09 23:38 |
122 added
|
||||||||
| 2019-04-26 13:07 |
12 added
1 removed
4 changed
|
||||||||
| 2018-11-20 11:29 | |||||||||
| 2018-08-28 10:29 |
1 added
|
||||||||
| 2018-03-16 01:29 |
1 added
|
||||||||
| 2018-03-14 17:48 |
2 changed
6 added
|
||||||||
| 2018-02-18 02:29 | |||||||||
| 2018-02-16 21:29 |
New CVE |