systemd Local Privilege Escalation Vulnerability in systemd-machined
Vulnerability
A local privilege escalation vulnerability has been identified in systemd version 259 prior to 260, specifically within the systemd-machined component. This issue arises because varlink can be used to access the root namespace, allowing an unprivileged user in a desktop graphical session to escalate privileges to root. The vulnerability is not present in versions prior to 259 and does not affect terminal-only or remote sessions, such as those conducted via SSH.
Impact
Exploitation of this vulnerability allows unprivileged users in a desktop graphical session to escalate privileges to root.
Remediation
Users can upgrade to systemd version 260 or 259.3 to address this vulnerability. Alternatively, access can be restricted to privileged users only through a Polkit rule, by creating a specific rules file that requires admin authorization for certain actions.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.