Fluid Attacks Database

Description

systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	plymouth	>=0 <0.9.4-1	0.9.4-1
debian 11	plymouth	>=0 <0.9.4-1	0.9.4-1
debian 12	plymouth	>=0 <0.9.4-1	0.9.4-1
debian 13	plymouth	>=0 <0.9.4-1	0.9.4-1
rpm rhel8	systemd	-	-

Aliases

1. CVE-2018-208392. NVD-2018-208393. OSV-DEBIAN-2018-208394. OSV-2018-208395. SECURITY-TRACKER-CVE-2018-20839