CVE-2019-15718

2019-09-04T07:23:41
ID RH:CVE-2019-15718
Type redhatcve
Reporter redhat.com
Modified 2021-03-18T17:56:19

Description

An improper authorization flaw was discovered in systemd-resolved in the way it configures the exposed DBus interface org.freedesktop.resolve1. An unprivileged local attacker could call all DBus methods, even when marked as privileged operations. An attacker could abuse this flaw by changing the DNS, Search Domain, LLMNR, DNSSEC and other network link settings without any authorization, allowing control of the network names resolution process and cause the system to communicate with wrong or malicious servers.

Mitigation

Disable systemd-resolved service by using sudo systemctl disable systemd-resolved.