CVE-2018-20839

2019-05-17T04:29:00
ID CVE-2018-20839
Type cve
Reporter cve@mitre.org
Modified 2019-05-30T08:29:00

Description

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.