CVE-2018-20839 — MEDIUM (4.3)

Vulnerability Description

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Systemd Project	Systemd	242
Netapp	Cn1610 Firmware	-
Netapp	Cn1610	-
Netapp	Snapprotect	-
Netapp	Solidfire \& Hci Management Node	-

References

http://www.securityfocus.com/bid/108389Broken LinkThird Party AdvisoryVDB Entry
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993Issue TrackingThird Party Advisory
https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb32Patch
https://github.com/systemd/systemd/pull/12378Issue TrackingPatch
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430Mailing List
https://security.netapp.com/advisory/ntap-20190530-0002/Third Party Advisory
http://www.securityfocus.com/bid/108389Broken LinkThird Party AdvisoryVDB Entry
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993Issue TrackingThird Party Advisory
https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb32Patch
https://github.com/systemd/systemd/pull/12378Issue TrackingPatch
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430Mailing List
https://security.netapp.com/advisory/ntap-20190530-0002/Third Party Advisory

FAQ

What is CVE-2018-20839?

CVE-2018-20839 is a vulnerability with a CVSS score of 4.3 (MEDIUM). systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occ...

How severe is CVE-2018-20839?

CVE-2018-20839 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-20839?

Check the references section above for vendor advisories and patch information. Affected products include: Systemd Project Systemd, Netapp Cn1610 Firmware, Netapp Cn1610, Netapp Snapprotect, Netapp Solidfire \& Hci Management Node.