CVE-2020-13776

Publication date 3 June 2020

Last updated 25 August 2025


Ubuntu priority

CVSS 3 severity score

6.7 · Medium


Description

systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.


Mitigation

mdeslaur> Do not create systemd service units with a User= value set to a numerical username or a username that starts with 0x
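One way to check a host against this mitigation, as an added example that is not Ubuntu's or systemd's own code: it lists every `User=` assignment in `.service` files and `.conf` drop-ins whose value is all decimal digits or starts with `0x`, and reports whether an account with that literal name exists. The function names, the output format and the optional passwd-file argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: find User= settings that the CVE-2020-13776 mitigation says to avoid.

# Succeeds when VALUE is made up only of decimal digits or starts with 0x/0X.
is_numerical_name() {
    case "$1" in
        0[xX]*)      return 0 ;;
        ''|*[!0-9]*) return 1 ;;
        *)           return 0 ;;
    esac
}

# audit_units DIR [PASSWD_FILE]
# Prints "file<TAB>value<TAB>account-exists|no-such-account" for each flagged line.
audit_units() {
    dir=$1
    passwd=${2:-/etc/passwd}
    find "$dir" -type f \( -name '*.service' -o -name '*.conf' \) | sort |
    while IFS= read -r unit; do
        # Pull out the value of every User= assignment, trimming whitespace.
        sed -n 's/^[[:space:]]*User[[:space:]]*=[[:space:]]*//p' "$unit" |
        sed 's/[[:space:]]*$//' |
        while IFS= read -r value; do
            is_numerical_name "$value" || continue
            # Compare against the login-name field literally; a lookup tool
            # such as getent would treat a digit string as a UID instead.
            if cut -d: -f1 "$passwd" | grep -qxF -- "$value"; then
                state=account-exists
            else
                state=no-such-account
            fi
            printf '%s\t%s\t%s\n' "$unit" "$value" "$state"
        done
    done
}

# Audit each directory given on the command line, e.g. /etc/systemd/system
for d in "$@"; do audit_units "$d"; done
```

A line marked `account-exists` matches the scenario in the notes, where the unit names an account whose login name is itself numerical; `no-such-account` lines are most likely intended as plain UIDs but still fall under the mitigation's wording.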

Status

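| Package | Ubuntu Release | Status |
| --- | --- | --- |
| systemd | 20.04 LTS focal | Ignored |
| systemd | 19.10 eoan | Ignored end of life |
| systemd | 18.04 LTS bionic | Ignored |
| systemd | 16.04 LTS xenial | Ignored |
| systemd | 14.04 LTS trusty | Ignored |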

Notes


mdeslaur

The administrator would have to create a systemd service unit with a numerical username or a username starting with 0x as a User= value, and that particular userid would need to exist on the system. Setting priority to low due to this unlikely scenario. Fixing this requires an extensive backport that refactors integer parsing in systemd and the risk of regressions stemming from the behavioural change outweighs the severity of this issue. We will not be fixing this issue in stable Ubuntu releases.

Patch details

For informational purposes only. We recommend not to cherry-pick updates.

Package Patch details
systemd

Severity score breakdown

| Parameter | Value |
| --- | --- |
| Base score | 6.7 · Medium |
| Attack vector | Local |
| Attack complexity | High |
| Privileges required | Low |
| User interaction | Required |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |