CVE-2018-20839

low-risk
Published 2019-05-17

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

Do I need to act?

-
0.66% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.3/10 Medium
PHYSICAL / LOW complexity

Affected Products (4)

Affected Vendors

Netapp Systemd Project

References (12)

Broken Link http://www.securityfocus.com/bid/108389
Issue Tracking https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993
Patch https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb32...
Issue Tracking https://github.com/systemd/systemd/pull/12378
Mailing List https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430...
Third Party Advisory https://security.netapp.com/advisory/ntap-20190530-0002/
Broken Link http://www.securityfocus.com/bid/108389
Issue Tracking https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993
Patch https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb32...
Issue Tracking https://github.com/systemd/systemd/pull/12378
Mailing List https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430...
Third Party Advisory https://security.netapp.com/advisory/ntap-20190530-0002/
27
/ 100
low-risk
Severity 15/34 · Moderate
Exploitability 2/34 · Minimal
Exposure 10/34 · Low