{"id":"UBUNTU-CVE-2014-9770","details":"tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.","modified":"2025-07-16T07:33:00.002753Z","published":"2016-04-20T16:59:00Z","withdrawn":"2025-07-18T16:43:07Z","upstream":["CVE-2014-9770"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-9770"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2014-9770"}],"affected":[{"package":{"name":"systemd","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/systemd@204-5ubuntu20.19?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"204-5ubuntu20.19"}]}],"versions":["204-0ubuntu18","204-0ubuntu19","204-5ubuntu3","204-5ubuntu5","204-5ubuntu6","204-5ubuntu7","204-5ubuntu8","204-5ubuntu9","204-5ubuntu10","204-5ubuntu11","204-5ubuntu13","204-5ubuntu14","204-5ubuntu15","204-5ubuntu16","204-5ubuntu17","204-5ubuntu18","204-5ubuntu19","204-5ubuntu20","204-5ubuntu20.2","204-5ubuntu20.3","204-5ubuntu20.4","204-5ubuntu20.5","204-5ubuntu20.6","204-5ubuntu20.7","204-5ubuntu20.8","204-5ubuntu20.9","204-5ubuntu20.10","204-5ubuntu20.11","204-5ubuntu20.12","204-5ubuntu20.13","204-5ubuntu20.14","204-5ubuntu20.15","204-5ubuntu20.18"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"gir1.2-gudev-1.0","binary_version":"1:204-5ubuntu20.19"},{"binary_name":"libgudev-1.0-0","binary_version":"1:204-5ubuntu20.19"},{"binary_name":"libgudev-1.0-0-dbgsym","binary_version":"1:204-5ubuntu20.19"},{"binary_name":"libgudev-1.0-dev","binary_version":"1:204-5ubuntu20.19"},{"binary_name":"libpam-systemd","binary_version":"204-5ubuntu20.19"},{"binary_name":"libpam-systemd-dbgsym","binary_version":"204-5ubuntu20.19"},{"binary_name":"libsystemd-daemon-dev","binary_version":"204-5ubuntu20.19"},{"binary_name":"libsystemd-daemon0","binary_version":"204-5ubuntu20.19"},{"binary_name":"libsystemd-daemon0-dbgsym","binary_version":"204-5ubuntu20.19"},{"binary_name":"libsystemd-id128-0","binary_version":"204-5ubuntu20.19"},{"binary_name":"libsystemd-id128-0-dbgsym","binary_version":"204-5ubuntu20.19"},{"binary_name":"libsystemd-id128-dev","binary_version":"204-5ubuntu20.19"},{"binary_name":"libsystemd-journal-dev","binary_version":"204-5ubuntu20.19"},{"binary_name":"libsystemd-journal0","binary_version":"204-5ubuntu20.19"},{"binary_name":"libsystemd-journal0-dbgsym","binary_version":"204-5ubuntu20.19"},{"binary_name":"libsystemd-login-dev","binary_version":"204-5ubuntu20.19"},{"binary_name":"libsystemd-login0","binary_version":"204-5ubuntu20.19"},{"binary_name":"libsystemd-login0-dbgsym","binary_version":"204-5ubuntu20.19"},{"binary_name":"libudev-dev","binary_version":"204-5ubuntu20.19"},{"binary_name":"libudev1","binary_version":"204-5ubuntu20.19"},{"binary_name":"libudev1-dbgsym","binary_version":"204-5ubuntu20.19"},{"binary_name":"libudev1-udeb","binary_version":"204-5ubuntu20.19"},{"binary_name":"libudev1-udeb-dbgsym","binary_version":"204-5ubuntu20.19"},{"binary_name":"python-systemd","binary_version":"204-5ubuntu20.19"},{"binary_name":"python-systemd-dbgsym","binary_version":"204-5ubuntu20.19"},{"binary_name":"systemd-services","binary_version":"204-5ubuntu20.19"},{"binary_name":"systemd-services-dbgsym","binary_version":"204-5ubuntu20.19"},{"binary_name":"udev","binary_version":"204-5ubuntu20.19"},{"binary_name":"udev-dbgsym","binary_version":"204-5ubuntu20.19"},{"binary_name":"udev-udeb","binary_version":"204-5ubuntu20.19"},{"binary_name":"udev-udeb-dbgsym","binary_version":"204-5ubuntu20.19"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-9770.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]}