ID CVE-2019-3815
Summary A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the `_CMDLINE=` entry. A local attacker may use this flaw to make systemd-journald crash. This issue only affects versions shipped with Red Hat Enterprise since v219-62.2.
References
Vulnerable Configurations
  • cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
CVSS
Base: 2.1 (as of 09-10-2019 - 23:49)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
  • Vector: LOCAL
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: NONE
  • Integrity: NONE
  • Availability: PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
  • bugzilla
    id 1666690
    title CVE-2019-3815 systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment libgudev1 is earlier than 0:219-62.el7_6.3
          oval oval:com.redhat.rhsa:tst:20190201015
        • comment libgudev1 is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152092016
      • AND
        • comment libgudev1-devel is earlier than 0:219-62.el7_6.3
          oval oval:com.redhat.rhsa:tst:20190201007
        • comment libgudev1-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152092008
      • AND
        • comment systemd is earlier than 0:219-62.el7_6.3
          oval oval:com.redhat.rhsa:tst:20190201011
        • comment systemd is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152092020
      • AND
        • comment systemd-devel is earlier than 0:219-62.el7_6.3
          oval oval:com.redhat.rhsa:tst:20190201021
        • comment systemd-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152092018
      • AND
        • comment systemd-journal-gateway is earlier than 0:219-62.el7_6.3
          oval oval:com.redhat.rhsa:tst:20190201009
        • comment systemd-journal-gateway is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152092024
      • AND
        • comment systemd-libs is earlier than 0:219-62.el7_6.3
          oval oval:com.redhat.rhsa:tst:20190201005
        • comment systemd-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152092012
      • AND
        • comment systemd-networkd is earlier than 0:219-62.el7_6.3
          oval oval:com.redhat.rhsa:tst:20190201017
        • comment systemd-networkd is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152092006
      • AND
        • comment systemd-python is earlier than 0:219-62.el7_6.3
          oval oval:com.redhat.rhsa:tst:20190201023
        • comment systemd-python is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152092014
      • AND
        • comment systemd-resolved is earlier than 0:219-62.el7_6.3
          oval oval:com.redhat.rhsa:tst:20190201013
        • comment systemd-resolved is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152092022
      • AND
        • comment systemd-sysv is earlier than 0:219-62.el7_6.3
          oval oval:com.redhat.rhsa:tst:20190201019
        • comment systemd-sysv is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20152092010
    rhsa
    id RHSA-2019:0201
    released 2019-01-29
    severity Low
    title RHSA-2019:0201: systemd security update (Low)
  • rhsa
    id RHBA-2019:0327
rpms
  • libgudev1-0:219-62.el7_6.3
  • libgudev1-devel-0:219-62.el7_6.3
  • systemd-0:219-62.el7_6.3
  • systemd-devel-0:219-62.el7_6.3
  • systemd-journal-gateway-0:219-62.el7_6.3
  • systemd-libs-0:219-62.el7_6.3
  • systemd-networkd-0:219-62.el7_6.3
  • systemd-python-0:219-62.el7_6.3
  • systemd-resolved-0:219-62.el7_6.3
  • systemd-sysv-0:219-62.el7_6.3
refmap via4
bid 106632
confirm https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3815
mlist [debian-lts-announce] 20190313 [SECURITY] [DLA 1711-1] systemd security update
Last major update 09-10-2019 - 23:49
Published 28-01-2019 - 15:29