Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 686422 (CVE-2018-20839) - <sys-apps/systemd-243: unauthorized disclosure of information (VT kbd reset check)
Summary: <sys-apps/systemd-243: unauthorized disclosure of information (VT kbd reset c...
Status: RESOLVED FIXED
Alias: CVE-2018-20839
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://github.com/systemd/systemd/pu...
Whiteboard: A4 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-05-20 23:58 UTC by D'juan McDonald (domhnall)
Modified: 2020-05-04 01:11 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description D'juan McDonald (domhnall) 2019-05-20 23:58:38 UTC 
(https://nvd.nist.gov/vuln/detail/CVE-2018-20839):

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

references: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993

@maintainer(s): Milestone for v243 release

Gentoo Security Padawan
(domhnall)
Comment 1 Aaron Bauman (RETIRED) gentoo-dev 2019-05-21 00:22:10 UTC 
Commit is upstream in master:

https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f
Comment 2 Mike Gilbert gentoo-dev 2019-07-10 18:10:18 UTC 
Waiting for this to be fixed.

https://github.com/systemd/systemd/issues/12616
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-04-26 03:27:04 UTC 
(In reply to Mike Gilbert from comment #2)
> Waiting for this to be fixed.
> 
> https://github.com/systemd/systemd/issues/12616

Fixed in https://github.com/systemd/systemd/pull/13109

... which seems to have landed in v243. So tree is clean?