{"id":"CVE-2016-10156","details":"A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229.","modified":"2026-04-11T03:43:37.514167Z","published":"2017-01-23T07:59:00.347Z","related":["SUSE-SU-2017:0279-1","openSUSE-SU-2024:11420-1"],"references":[{"type":"WEB","url":"http://www.securitytracker.com/id/1037686"},{"type":"WEB","url":"https://www.exploit-db.com/exploits/41171/"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/95790"},{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=1020601"},{"type":"FIX","url":"https://github.com/systemd/systemd/commit/06eeacb6fe029804f296b065b3ce91e796e1cd0e"},{"type":"FIX","url":"https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/systemd/systemd","events":[{"introduced":"0"},{"last_affected":"dd050decb6ad131ebdeabb71c4f9ecb4733269c0"},{"fixed":"06eeacb6fe029804f296b065b3ce91e796e1cd0e"},{"fixed":"ee735086f8670be1591fa9593e80dd60163a7a2f"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"228"}]}}],"versions":["v1","v10","v11","v12","v13","v14","v15","v16","v17","v18","v183","v184","v185","v186","v187","v188","v189","v19","v190","v191","v192","v193","v194","v195","v196","v197","v198","v199","v2","v20","v200","v201","v202","v203","v204","v205","v206","v207","v208","v209","v21","v210","v211","v212","v213","v214","v215","v216","v217","v218","v219","v22","v220","v221","v222","v223","v224","v225","v226","v227","v228","v23","v24","v25","v26","v27","v28","v29","v3","v30","v31","v32","v33","v34","v35","v36","v37","v38","v39","v4","v40","v41","v42","v43","v44","v5","v6","v7","v8","v9"],"database_specific":{"vanir_signatures":[{"digest":{"line_hashes":["143490046643793043951247385066281749424","122935519918159594852004239146072093699","54395448293350274193157192029626465405","319258269167257065855528611741500025477","14136216880443083922228792084368357903","308585633961784689412430179420870598457","128309604439848126161042702311541266943","151843754083868116041010403313887337385"],"threshold":0.9},"deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"src/test/test-conf-files.c"},"source":"https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f","id":"CVE-2016-10156-14049a83"},{"digest":{"line_hashes":["884391527119032421930507393033943967","71444658684207020711684283464577893821","129040058516969266729007866096539935790","171985266963045669393736977086235467711","167028769458000049328164706596134535271","325425461498447324481272706372516446726","73487370959010915169797254673591995470","166827898435921037420828712229566259421"],"threshold":0.9},"deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"src/core/timer.c"},"source":"https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f","id":"CVE-2016-10156-4267b89a"},{"digest":{"length":765,"function_hash":"16651552642822266066331222789744711377"},"deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"file":"src/basic/fs-util.c","function":"touch_file"},"source":"https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f","id":"CVE-2016-10156-50486a66"},{"digest":{"length":126,"function_hash":"202510193103278909526249463735252315663"},"deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"file":"src/basic/fs-util.c","function":"touch"},"source":"https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f","id":"CVE-2016-10156-743c9fdd"},{"digest":{"line_hashes":["97400082154898398970675292924757582953","110083905208857346320650848691103642371","307475506367816187332214095585553537513","135927274798206812626501416543824620549","3601903755967494894851062893010901710","220389832517227226628827653175591840104","13230225266436895651077031958836395872","150678483076905833111675878602351293786"],"threshold":0.9},"deprecated":false,"signature_version":"v1","signature_type":"Line","target":{"file":"src/basic/fs-util.c"},"source":"https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f","id":"CVE-2016-10156-a191707d"},{"digest":{"length":375,"function_hash":"5821552094425570502963670811945135628"},"deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"file":"src/test/test-conf-files.c","function":"setup_test_dir"},"source":"https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f","id":"CVE-2016-10156-a8fd9cc9"},{"digest":{"length":693,"function_hash":"5027209638548168649191285761072337226"},"deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"file":"src/core/timer.c","function":"timer_enter_running"},"source":"https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f","id":"CVE-2016-10156-b754c4cb"},{"digest":{"length":749,"function_hash":"296421973068010747095949689944144467270"},"deprecated":false,"signature_version":"v1","signature_type":"Function","target":{"file":"src/core/timer.c","function":"timer_start"},"source":"https://github.com/systemd/systemd/commit/ee735086f8670be1591fa9593e80dd60163a7a2f","id":"CVE-2016-10156-b9e14642"}],"vanir_signatures_modified":"2026-04-11T03:43:37Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10156.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}