cve/CVE-2018-20839.md at 410e68ca9dddb67493d84ae4fe8e1a9e392594db

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

POC

Reference

No PoCs from references.

Github

https://github.com/garethr/snykout
https://github.com/juaromu/wazuh-snyk
https://github.com/simonsdave/clair-cicd

804 B Raw Blame History

CVE-2018-20839

Description

POC

Reference

Github

804 B

Raw Blame History