Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-3831 (GCVE-0-2019-3831)
Vulnerability from cvelistv5 – Published: 2019-03-25 17:12 – Updated: 2024-08-04 19:19
VLAI?
EPSS
Summary
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
Severity ?
6.4 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Date Public ?
2019-02-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:19:18.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "vdsm",
"vendor": "[UNKNOWN]",
"versions": [
{
"status": "affected",
"version": "4.30.9"
}
]
}
],
"datePublic": "2019-02-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-25T17:12:10.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-3831",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vdsm",
"version": {
"version_data": [
{
"version_value": "4.30.9"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "6.4/CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2019-3831",
"datePublished": "2019-03-25T17:12:10.000Z",
"dateReserved": "2019-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-04T19:19:18.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ovirt:vdsm:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.19\", \"versionEndIncluding\": \"4.30.3\", \"matchCriteriaId\": \"CE133A09-DE61-4AE2-90FD-A24D2E0BD5B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ovirt:vdsm:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.30.5\", \"versionEndIncluding\": \"4.30.8\", \"matchCriteriaId\": \"859EBC12-485A-4214-8BDA-C0A6205F904F\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:gluster_storage:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1986832-44C9-491E-A75D-AAD8FAE683E6\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.\"}, {\"lang\": \"es\", \"value\": \"Se ha detectado una vulnerabilidad en vdsm, desde la versi\\u00f3n 4.19 hasta la 4.30.3 y desde la 4.30.5 hasta la 4.30.8.. La funci\\u00f3n systemd_run expuesta al usuario del sistema vdsm podr\\u00eda ser abusada para ejecutar comandos arbitrarios como root.\"}]",
"id": "CVE-2019-3831",
"lastModified": "2024-11-21T04:42:38.220",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.8, \"impactScore\": 5.9}], \"cvssMetricV30\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.5, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-03-25T18:29:00.933",
"references": "[{\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-863\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-3831\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2019-03-25T18:29:00.933\",\"lastModified\":\"2024-11-21T04:42:38.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.\"},{\"lang\":\"es\",\"value\":\"Se ha detectado una vulnerabilidad en vdsm, desde la versi\u00f3n 4.19 hasta la 4.30.3 y desde la 4.30.5 hasta la 4.30.8.. La funci\u00f3n systemd_run expuesta al usuario del sistema vdsm podr\u00eda ser abusada para ejecutar comandos arbitrarios como root.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.8,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ovirt:vdsm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.19\",\"versionEndIncluding\":\"4.30.3\",\"matchCriteriaId\":\"CE133A09-DE61-4AE2-90FD-A24D2E0BD5B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ovirt:vdsm:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.30.5\",\"versionEndIncluding\":\"4.30.8\",\"matchCriteriaId\":\"859EBC12-485A-4214-8BDA-C0A6205F904F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:gluster_storage:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1986832-44C9-491E-A75D-AAD8FAE683E6\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
RHSA-2019:0458
Vulnerability from csaf_redhat - Published: 2019-03-05 11:10 - Updated: 2026-02-23 16:21Summary
Red Hat Security Advisory: vdsm security and bug fix update
Severity
Moderate
Notes
Topic: An update for vdsm is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection.
The following packages have been upgraded to a later upstream version: vdsm (4.20.47). (BZ#1677458)
Security Fix(es):
* vdsm: privilege escalation to root via systemd_run (CVE-2019-3831)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* VDSM attempted to collect OpenStack related information, even on hosts that are not connected to OpenStack, and displayed a repeated error message in the system log. In this release, errors originating from OpenStack related information are not recorded in the system log. As a result, the system log is quieter. (BZ#1673765)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
6.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891
https://access.redhat.com/errata/RHSA-2019:0458
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for vdsm is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host\u0027s storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection.\n\nThe following packages have been upgraded to a later upstream version: vdsm (4.20.47). (BZ#1677458)\n\nSecurity Fix(es):\n\n* vdsm: privilege escalation to root via systemd_run (CVE-2019-3831)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* VDSM attempted to collect OpenStack related information, even on hosts that are not connected to OpenStack, and displayed a repeated error message in the system log. In this release, errors originating from OpenStack related information are not recorded in the system log. As a result, the system log is quieter. (BZ#1673765)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:0458",
"url": "https://access.redhat.com/errata/RHSA-2019:0458"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1673765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1673765"
},
{
"category": "external",
"summary": "1677108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0458.json"
}
],
"title": "Red Hat Security Advisory: vdsm security and bug fix update",
"tracking": {
"current_release_date": "2026-02-23T16:21:57+00:00",
"generator": {
"date": "2026-02-23T16:21:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2019:0458",
"initial_release_date": "2019-03-05T11:10:04+00:00",
"revision_history": [
{
"date": "2019-03-05T11:10:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-03-05T11:10:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-23T16:21:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product": {
"name": "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-fcoe@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-vhostmd@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-yajsonrpc@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-openstacknet@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-common-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-common-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-common-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-common@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-jsonrpc@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-cpuflags@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-client-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-client-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-client-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-client@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-http-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-http-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-http-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-http@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-ethtool-options@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-macspoof@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-localdisk@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-python-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-python-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-python-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-python@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-api-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-api-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-api-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-api@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-vmfex-dev@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-nestedvt@4.20.47-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "vdsm-0:4.20.47-1.el7ev.x86_64",
"product": {
"name": "vdsm-0:4.20.47-1.el7ev.x86_64",
"product_id": "vdsm-0:4.20.47-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm@4.20.47-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-network-0:4.20.47-1.el7ev.x86_64",
"product": {
"name": "vdsm-network-0:4.20.47-1.el7ev.x86_64",
"product_id": "vdsm-network-0:4.20.47-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-network@4.20.47-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"product": {
"name": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"product_id": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-extra-ipv4-addrs@4.20.47-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"product": {
"name": "vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"product_id": "vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-checkips@4.20.47-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"product": {
"name": "vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"product_id": "vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-gluster@4.20.47-1.el7ev?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "vdsm-0:4.20.47-1.el7ev.src",
"product": {
"name": "vdsm-0:4.20.47-1.el7ev.src",
"product_id": "vdsm-0:4.20.47-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm@4.20.47-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "vdsm-0:4.20.47-1.el7ev.ppc64le",
"product": {
"name": "vdsm-0:4.20.47-1.el7ev.ppc64le",
"product_id": "vdsm-0:4.20.47-1.el7ev.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm@4.20.47-1.el7ev?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"product": {
"name": "vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"product_id": "vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-network@4.20.47-1.el7ev?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"product": {
"name": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"product_id": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-extra-ipv4-addrs@4.20.47-1.el7ev?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"product": {
"name": "vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"product_id": "vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-checkips@4.20.47-1.el7ev?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"product": {
"name": "vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"product_id": "vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-gluster@4.20.47-1.el7ev?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-0:4.20.47-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.ppc64le"
},
"product_reference": "vdsm-0:4.20.47-1.el7ev.ppc64le",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-0:4.20.47-1.el7ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.src"
},
"product_reference": "vdsm-0:4.20.47-1.el7ev.src",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-0:4.20.47-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.x86_64"
},
"product_reference": "vdsm-0:4.20.47-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-api-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-api-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-api-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-client-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-client-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-client-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-common-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-common-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-common-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-gluster-0:4.20.47-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.ppc64le"
},
"product_reference": "vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-gluster-0:4.20.47-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.x86_64"
},
"product_reference": "vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le"
},
"product_reference": "vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64"
},
"product_reference": "vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le"
},
"product_reference": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64"
},
"product_reference": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-http-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-http-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-http-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-network-0:4.20.47-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.ppc64le"
},
"product_reference": "vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-network-0:4.20.47-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.x86_64"
},
"product_reference": "vdsm-network-0:4.20.47-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-python-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-python-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-python-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-3831",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677108"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vdsm: privilege escalation to root via systemd_run",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.src",
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-api-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-client-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-common-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-http-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-python-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3831"
},
{
"category": "external",
"summary": "RHBZ#1677108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3831",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831"
}
],
"release_date": "2019-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-03-05T11:10:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.src",
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-api-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-client-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-common-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-http-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-python-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.src",
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-api-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-client-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-common-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-http-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-python-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vdsm: privilege escalation to root via systemd_run"
}
]
}
RHBA-2019_1965
Vulnerability from csaf_redhat - Published: 2019-07-30 10:04 - Updated: 2024-11-15 05:12Summary
Red Hat Bug Fix Advisory: vdsm bug fix update
Severity
Moderate
Notes
Topic: Updated vdsm packages that fix one bug are now available for Red Hat Gluster Storage 3.4 on Red Hat Enterprise Linux 7.
Details: VDSM is a management module that serves as a Red Hat Virtualization Manager agent on Red Hat Virtualization Host or Red Hat Enterprise Linux hosts.
The vdsm package has been upgraded to version 4.30, which provides a number of bug fixes over the previous version. (BZ#1725703)
Users of vdsm package on Red Hat Gluster Storage are advised to upgrade to these updated packages.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
6.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHBA-2019:1965
References
| URL | Category | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated vdsm packages that fix one bug are now available for Red Hat Gluster Storage 3.4 on Red Hat Enterprise Linux 7.",
"title": "Topic"
},
{
"category": "general",
"text": "VDSM is a management module that serves as a Red Hat Virtualization Manager agent on Red Hat Virtualization Host or Red Hat Enterprise Linux hosts.\n\nThe vdsm package has been upgraded to version 4.30, which provides a number of bug fixes over the previous version. (BZ#1725703)\n\nUsers of vdsm package on Red Hat Gluster Storage are advised to upgrade to these updated packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:1965",
"url": "https://access.redhat.com/errata/RHBA-2019:1965"
},
{
"category": "external",
"summary": "1725703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_1965.json"
}
],
"title": "Red Hat Bug Fix Advisory: vdsm bug fix update",
"tracking": {
"current_release_date": "2024-11-15T05:12:16+00:00",
"generator": {
"date": "2024-11-15T05:12:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2019:1965",
"initial_release_date": "2019-07-30T10:04:49+00:00",
"revision_history": [
{
"date": "2019-07-30T10:04:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-07-30T10:04:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T05:12:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product": {
"name": "Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:storage:3.4:server:el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Gluster Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"product": {
"name": "python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"product_id": "python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ioprocess@1.1.2-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ioprocess-0:1.1.2-1.el7ev.x86_64",
"product": {
"name": "ioprocess-0:1.1.2-1.el7ev.x86_64",
"product_id": "ioprocess-0:1.1.2-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ioprocess@1.1.2-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"product": {
"name": "ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"product_id": "ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ioprocess-debuginfo@1.1.2-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"product": {
"name": "safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"product_id": "safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/safelease-debuginfo@1.0-7.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "safelease-0:1.0-7.el7ev.x86_64",
"product": {
"name": "safelease-0:1.0-7.el7ev.x86_64",
"product_id": "safelease-0:1.0-7.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/safelease@1.0-7.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"product": {
"name": "vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"product_id": "vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-gluster@4.30.18-1.0.el7rhgs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"product": {
"name": "vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"product_id": "vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm@4.30.18-1.0.el7rhgs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"product": {
"name": "vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"product_id": "vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-network@4.30.18-1.0.el7rhgs?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ioprocess-0:1.1.2-1.el7ev.src",
"product": {
"name": "ioprocess-0:1.1.2-1.el7ev.src",
"product_id": "ioprocess-0:1.1.2-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ioprocess@1.1.2-1.el7ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "safelease-0:1.0-7.el7ev.src",
"product": {
"name": "safelease-0:1.0-7.el7ev.src",
"product_id": "safelease-0:1.0-7.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/safelease@1.0-7.el7ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "vdsm-0:4.30.18-1.0.el7rhgs.src",
"product": {
"name": "vdsm-0:4.30.18-1.0.el7rhgs.src",
"product_id": "vdsm-0:4.30.18-1.0.el7rhgs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm@4.30.18-1.0.el7rhgs?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-yajsonrpc@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-fcoe@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-tests@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-cpuflags@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-common@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-macspoof@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-jsonrpc@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-openstacknet@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-client@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-localdisk@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-ethtool-options@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-qemucmdline@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-http@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-api@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-faqemu@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-python@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-vmfex-dev@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ioprocess-0:1.1.2-1.el7ev.src as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.src"
},
"product_reference": "ioprocess-0:1.1.2-1.el7ev.src",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ioprocess-0:1.1.2-1.el7ev.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.x86_64"
},
"product_reference": "ioprocess-0:1.1.2-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64"
},
"product_reference": "ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ioprocess-0:1.1.2-1.el7ev.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:python2-ioprocess-0:1.1.2-1.el7ev.x86_64"
},
"product_reference": "python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "safelease-0:1.0-7.el7ev.src as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.src"
},
"product_reference": "safelease-0:1.0-7.el7ev.src",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "safelease-0:1.0-7.el7ev.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.x86_64"
},
"product_reference": "safelease-0:1.0-7.el7ev.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "safelease-debuginfo-0:1.0-7.el7ev.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:safelease-debuginfo-0:1.0-7.el7ev.x86_64"
},
"product_reference": "safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-0:4.30.18-1.0.el7rhgs.src as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.src"
},
"product_reference": "vdsm-0:4.30.18-1.0.el7rhgs.src",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-0:4.30.18-1.0.el7rhgs.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.x86_64"
},
"product_reference": "vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-api-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-api-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-client-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-client-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-common-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-common-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64"
},
"product_reference": "vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-http-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-http-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64"
},
"product_reference": "vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-python-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-python-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-3831",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677108"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vdsm: privilege escalation to root via systemd_run",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.src",
"7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.src",
"7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.src",
"7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3831"
},
{
"category": "external",
"summary": "RHBZ#1677108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3831",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831"
}
],
"release_date": "2019-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-30T10:04:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.src",
"7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.src",
"7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.src",
"7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1965"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.src",
"7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.src",
"7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.src",
"7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vdsm: privilege escalation to root via systemd_run"
}
]
}
RHSA-2019_0457
Vulnerability from csaf_redhat - Published: 2019-03-05 11:09 - Updated: 2024-11-15 08:22Summary
Red Hat Security Advisory: redhat-virtualization-host security update
Severity
Important
Notes
Topic: An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
The following packages have been upgraded to a later upstream version: redhat-release-virtualization-host (4.2), redhat-virtualization-host (4.2). (BZ#1678629, BZ#1679414)
Security Fix(es):
* spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813)
* systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)
* vdsm: privilege escalation to root via systemd_run (CVE-2019-3831)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.
8.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891
https://access.redhat.com/errata/RHSA-2019:0457
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
6.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891
https://access.redhat.com/errata/RHSA-2019:0457
It was discovered that systemd allocates a buffer large enough to store the path field of a dbus message without performing enough checks. A local attacker may trigger this flaw by sending a dbus message to systemd with a large path making systemd crash or possibly elevating his privileges.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891
https://access.redhat.com/errata/RHSA-2019:0457
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Red Hat
Christophe Fergeau
Ubuntu Security
Chris Coulson
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host\u0027s resources and performing administrative tasks.\n\nThe following packages have been upgraded to a later upstream version: redhat-release-virtualization-host (4.2), redhat-virtualization-host (4.2). (BZ#1678629, BZ#1679414)\n\nSecurity Fix(es):\n\n* spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813)\n\n* systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)\n\n* vdsm: privilege escalation to root via systemd_run (CVE-2019-3831)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:0457",
"url": "https://access.redhat.com/errata/RHSA-2019:0457"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1665371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665371"
},
{
"category": "external",
"summary": "1667032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667032"
},
{
"category": "external",
"summary": "1677108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677108"
},
{
"category": "external",
"summary": "1677667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677667"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0457.json"
}
],
"title": "Red Hat Security Advisory: redhat-virtualization-host security update",
"tracking": {
"current_release_date": "2024-11-15T08:22:49+00:00",
"generator": {
"date": "2024-11-15T08:22:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2019:0457",
"initial_release_date": "2019-03-05T11:09:51+00:00",
"revision_history": [
{
"date": "2019-03-05T11:09:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-03-05T11:09:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T08:22:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product": {
"name": "RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor"
}
}
},
{
"category": "product_name",
"name": "Red Hat Virtualization 4 Hypervisor for RHEL 7",
"product": {
"name": "Red Hat Virtualization 4 Hypervisor for RHEL 7",
"product_id": "7Server-RHEV-4-Hypervisor-7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"product": {
"name": "redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"product_id": "redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.2-8.3.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"product": {
"name": "redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"product_id": "redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.2-8.3.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"product": {
"name": "redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"product_id": "redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-virtualization-host@4.2-20190219.0.el7_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch",
"product": {
"name": "redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch",
"product_id": "redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.2-8.3.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"product": {
"name": "redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"product_id": "redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.2-20190219.0.el7_6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-0:4.2-20190219.0.el7_6.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7",
"product_id": "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src"
},
"product_reference": "redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"relates_to_product_reference": "7Server-RHEV-4-Hypervisor-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7",
"product_id": "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch"
},
"product_reference": "redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Hypervisor-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-release-virtualization-host-0:4.2-8.3.el7.src as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src"
},
"product_reference": "redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64 as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64"
},
"product_reference": "redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
},
"product_reference": "redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch",
"relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Christophe Fergeau"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3813",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"discovery_date": "2018-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1665371"
}
],
"notes": [
{
"category": "description",
"text": "Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spice: Off-by-one error in array access in spice/server/memslot.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3813"
},
{
"category": "external",
"summary": "RHBZ#1665371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665371"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3813",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3813"
}
],
"release_date": "2019-01-28T18:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-03-05T11:09:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0457"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spice: Off-by-one error in array access in spice/server/memslot.c"
},
{
"cve": "CVE-2019-3831",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677108"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vdsm: privilege escalation to root via systemd_run",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3831"
},
{
"category": "external",
"summary": "RHBZ#1677108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3831",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831"
}
],
"release_date": "2019-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-03-05T11:09:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0457"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vdsm: privilege escalation to root via systemd_run"
},
{
"acknowledgments": [
{
"names": [
"Chris Coulson"
],
"organization": "Ubuntu Security"
}
],
"cve": "CVE-2019-6454",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1667032"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that systemd allocates a buffer large enough to store the path field of a dbus message without performing enough checks. A local attacker may trigger this flaw by sending a dbus message to systemd with a large path making systemd crash or possibly elevating his privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is present in Red Hat Virtualization Hypervisor and Management Appliance, however it can only be exploited locally. Since these systems do not typically have local user accounts, this issue has been rated Moderate severity for Red Hat Virtualization 4.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-6454"
},
{
"category": "external",
"summary": "RHBZ#1667032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667032"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-6454",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6454"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-6454",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6454"
}
],
"release_date": "2019-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-03-05T11:09:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0457"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash"
}
]
}
RHSA-2019_0458
Vulnerability from csaf_redhat - Published: 2019-03-05 11:10 - Updated: 2024-11-15 05:12Summary
Red Hat Security Advisory: vdsm security and bug fix update
Severity
Moderate
Notes
Topic: An update for vdsm is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection.
The following packages have been upgraded to a later upstream version: vdsm (4.20.47). (BZ#1677458)
Security Fix(es):
* vdsm: privilege escalation to root via systemd_run (CVE-2019-3831)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* VDSM attempted to collect OpenStack related information, even on hosts that are not connected to OpenStack, and displayed a repeated error message in the system log. In this release, errors originating from OpenStack related information are not recorded in the system log. As a result, the system log is quieter. (BZ#1673765)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
6.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891
https://access.redhat.com/errata/RHSA-2019:0458
References
| URL | Category | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for vdsm is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host\u0027s storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection.\n\nThe following packages have been upgraded to a later upstream version: vdsm (4.20.47). (BZ#1677458)\n\nSecurity Fix(es):\n\n* vdsm: privilege escalation to root via systemd_run (CVE-2019-3831)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* VDSM attempted to collect OpenStack related information, even on hosts that are not connected to OpenStack, and displayed a repeated error message in the system log. In this release, errors originating from OpenStack related information are not recorded in the system log. As a result, the system log is quieter. (BZ#1673765)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:0458",
"url": "https://access.redhat.com/errata/RHSA-2019:0458"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1673765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1673765"
},
{
"category": "external",
"summary": "1677108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0458.json"
}
],
"title": "Red Hat Security Advisory: vdsm security and bug fix update",
"tracking": {
"current_release_date": "2024-11-15T05:12:00+00:00",
"generator": {
"date": "2024-11-15T05:12:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2019:0458",
"initial_release_date": "2019-03-05T11:10:04+00:00",
"revision_history": [
{
"date": "2019-03-05T11:10:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-03-05T11:10:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T05:12:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product": {
"name": "Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-fcoe@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-vhostmd@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-yajsonrpc@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-openstacknet@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-common-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-common-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-common-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-common@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-jsonrpc@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-cpuflags@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-client-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-client-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-client-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-client@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-http-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-http-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-http-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-http@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-ethtool-options@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-macspoof@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-localdisk@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-python-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-python-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-python-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-python@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-api-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-api-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-api-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-api@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-vmfex-dev@4.20.47-1.el7ev?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"product": {
"name": "vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"product_id": "vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-nestedvt@4.20.47-1.el7ev?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "vdsm-0:4.20.47-1.el7ev.x86_64",
"product": {
"name": "vdsm-0:4.20.47-1.el7ev.x86_64",
"product_id": "vdsm-0:4.20.47-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm@4.20.47-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-network-0:4.20.47-1.el7ev.x86_64",
"product": {
"name": "vdsm-network-0:4.20.47-1.el7ev.x86_64",
"product_id": "vdsm-network-0:4.20.47-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-network@4.20.47-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"product": {
"name": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"product_id": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-extra-ipv4-addrs@4.20.47-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"product": {
"name": "vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"product_id": "vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-checkips@4.20.47-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"product": {
"name": "vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"product_id": "vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-gluster@4.20.47-1.el7ev?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "vdsm-0:4.20.47-1.el7ev.src",
"product": {
"name": "vdsm-0:4.20.47-1.el7ev.src",
"product_id": "vdsm-0:4.20.47-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm@4.20.47-1.el7ev?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "vdsm-0:4.20.47-1.el7ev.ppc64le",
"product": {
"name": "vdsm-0:4.20.47-1.el7ev.ppc64le",
"product_id": "vdsm-0:4.20.47-1.el7ev.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm@4.20.47-1.el7ev?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"product": {
"name": "vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"product_id": "vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-network@4.20.47-1.el7ev?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"product": {
"name": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"product_id": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-extra-ipv4-addrs@4.20.47-1.el7ev?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"product": {
"name": "vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"product_id": "vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-checkips@4.20.47-1.el7ev?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"product": {
"name": "vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"product_id": "vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-gluster@4.20.47-1.el7ev?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-0:4.20.47-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.ppc64le"
},
"product_reference": "vdsm-0:4.20.47-1.el7ev.ppc64le",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-0:4.20.47-1.el7ev.src as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.src"
},
"product_reference": "vdsm-0:4.20.47-1.el7ev.src",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-0:4.20.47-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.x86_64"
},
"product_reference": "vdsm-0:4.20.47-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-api-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-api-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-api-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-client-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-client-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-client-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-common-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-common-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-common-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-gluster-0:4.20.47-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.ppc64le"
},
"product_reference": "vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-gluster-0:4.20.47-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.x86_64"
},
"product_reference": "vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le"
},
"product_reference": "vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64"
},
"product_reference": "vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le"
},
"product_reference": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64"
},
"product_reference": "vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-http-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-http-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-http-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-network-0:4.20.47-1.el7ev.ppc64le as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.ppc64le"
},
"product_reference": "vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-network-0:4.20.47-1.el7ev.x86_64 as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.x86_64"
},
"product_reference": "vdsm-network-0:4.20.47-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-python-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-python-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-python-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch as a component of Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts",
"product_id": "7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch"
},
"product_reference": "vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Agents-7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-3831",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677108"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vdsm: privilege escalation to root via systemd_run",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.src",
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-api-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-client-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-common-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-http-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-python-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3831"
},
{
"category": "external",
"summary": "RHBZ#1677108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3831",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831"
}
],
"release_date": "2019-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-03-05T11:10:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.src",
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-api-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-client-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-common-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-http-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-python-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.src",
"7Server-RHEV-4-Agents-7:vdsm-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-api-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-client-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-common-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-gluster-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-hook-checkips-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-cpuflags-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-ethtool-options-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-hook-extra-ipv4-addrs-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-hook-fcoe-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-localdisk-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-macspoof-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-nestedvt-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-openstacknet-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-vhostmd-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-hook-vmfex-dev-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-http-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-jsonrpc-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.ppc64le",
"7Server-RHEV-4-Agents-7:vdsm-network-0:4.20.47-1.el7ev.x86_64",
"7Server-RHEV-4-Agents-7:vdsm-python-0:4.20.47-1.el7ev.noarch",
"7Server-RHEV-4-Agents-7:vdsm-yajsonrpc-0:4.20.47-1.el7ev.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vdsm: privilege escalation to root via systemd_run"
}
]
}
RHBA-2019:1965
Vulnerability from csaf_redhat - Published: 2019-07-30 10:04 - Updated: 2026-02-23 16:21Summary
Red Hat Bug Fix Advisory: vdsm bug fix update
Severity
Moderate
Notes
Topic: Updated vdsm packages that fix one bug are now available for Red Hat Gluster Storage 3.4 on Red Hat Enterprise Linux 7.
Details: VDSM is a management module that serves as a Red Hat Virtualization Manager agent on Red Hat Virtualization Host or Red Hat Enterprise Linux hosts.
The vdsm package has been upgraded to version 4.30, which provides a number of bug fixes over the previous version. (BZ#1725703)
Users of vdsm package on Red Hat Gluster Storage are advised to upgrade to these updated packages.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
6.4 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHBA-2019:1965
References
| URL | Category | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated vdsm packages that fix one bug are now available for Red Hat Gluster Storage 3.4 on Red Hat Enterprise Linux 7.",
"title": "Topic"
},
{
"category": "general",
"text": "VDSM is a management module that serves as a Red Hat Virtualization Manager agent on Red Hat Virtualization Host or Red Hat Enterprise Linux hosts.\n\nThe vdsm package has been upgraded to version 4.30, which provides a number of bug fixes over the previous version. (BZ#1725703)\n\nUsers of vdsm package on Red Hat Gluster Storage are advised to upgrade to these updated packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:1965",
"url": "https://access.redhat.com/errata/RHBA-2019:1965"
},
{
"category": "external",
"summary": "1725703",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725703"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_1965.json"
}
],
"title": "Red Hat Bug Fix Advisory: vdsm bug fix update",
"tracking": {
"current_release_date": "2026-02-23T16:21:53+00:00",
"generator": {
"date": "2026-02-23T16:21:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHBA-2019:1965",
"initial_release_date": "2019-07-30T10:04:49+00:00",
"revision_history": [
{
"date": "2019-07-30T10:04:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-07-30T10:04:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-23T16:21:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product": {
"name": "Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:storage:3.4:server:el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Gluster Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"product": {
"name": "python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"product_id": "python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-ioprocess@1.1.2-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ioprocess-0:1.1.2-1.el7ev.x86_64",
"product": {
"name": "ioprocess-0:1.1.2-1.el7ev.x86_64",
"product_id": "ioprocess-0:1.1.2-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ioprocess@1.1.2-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"product": {
"name": "ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"product_id": "ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ioprocess-debuginfo@1.1.2-1.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"product": {
"name": "safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"product_id": "safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/safelease-debuginfo@1.0-7.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "safelease-0:1.0-7.el7ev.x86_64",
"product": {
"name": "safelease-0:1.0-7.el7ev.x86_64",
"product_id": "safelease-0:1.0-7.el7ev.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/safelease@1.0-7.el7ev?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"product": {
"name": "vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"product_id": "vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-gluster@4.30.18-1.0.el7rhgs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"product": {
"name": "vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"product_id": "vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm@4.30.18-1.0.el7rhgs?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"product": {
"name": "vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"product_id": "vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-network@4.30.18-1.0.el7rhgs?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ioprocess-0:1.1.2-1.el7ev.src",
"product": {
"name": "ioprocess-0:1.1.2-1.el7ev.src",
"product_id": "ioprocess-0:1.1.2-1.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ioprocess@1.1.2-1.el7ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "safelease-0:1.0-7.el7ev.src",
"product": {
"name": "safelease-0:1.0-7.el7ev.src",
"product_id": "safelease-0:1.0-7.el7ev.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/safelease@1.0-7.el7ev?arch=src"
}
}
},
{
"category": "product_version",
"name": "vdsm-0:4.30.18-1.0.el7rhgs.src",
"product": {
"name": "vdsm-0:4.30.18-1.0.el7rhgs.src",
"product_id": "vdsm-0:4.30.18-1.0.el7rhgs.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm@4.30.18-1.0.el7rhgs?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-yajsonrpc@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-fcoe@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-tests@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-cpuflags@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-common@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-macspoof@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-jsonrpc@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-openstacknet@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-client@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-localdisk@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-ethtool-options@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-qemucmdline@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-http@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-api@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-faqemu@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-python@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"product": {
"name": "vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"product_id": "vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/vdsm-hook-vmfex-dev@4.30.18-1.0.el7rhgs?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ioprocess-0:1.1.2-1.el7ev.src as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.src"
},
"product_reference": "ioprocess-0:1.1.2-1.el7ev.src",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ioprocess-0:1.1.2-1.el7ev.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.x86_64"
},
"product_reference": "ioprocess-0:1.1.2-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64"
},
"product_reference": "ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-ioprocess-0:1.1.2-1.el7ev.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:python2-ioprocess-0:1.1.2-1.el7ev.x86_64"
},
"product_reference": "python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "safelease-0:1.0-7.el7ev.src as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.src"
},
"product_reference": "safelease-0:1.0-7.el7ev.src",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "safelease-0:1.0-7.el7ev.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.x86_64"
},
"product_reference": "safelease-0:1.0-7.el7ev.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "safelease-debuginfo-0:1.0-7.el7ev.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:safelease-debuginfo-0:1.0-7.el7ev.x86_64"
},
"product_reference": "safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-0:4.30.18-1.0.el7rhgs.src as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.src"
},
"product_reference": "vdsm-0:4.30.18-1.0.el7rhgs.src",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-0:4.30.18-1.0.el7rhgs.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.x86_64"
},
"product_reference": "vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-api-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-api-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-client-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-client-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-common-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-common-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64"
},
"product_reference": "vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-http-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-http-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64 as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64"
},
"product_reference": "vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-python-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-python-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch as a component of Red Hat Gluster Storage Server 3.4 on RHEL-7",
"product_id": "7Server-RH-Gluster-3.4-Server:vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch"
},
"product_reference": "vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"relates_to_product_reference": "7Server-RH-Gluster-3.4-Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-3831",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677108"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vdsm: privilege escalation to root via systemd_run",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.src",
"7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.src",
"7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.src",
"7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3831"
},
{
"category": "external",
"summary": "RHBZ#1677108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3831",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831"
}
],
"release_date": "2019-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-30T10:04:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.src",
"7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.src",
"7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.src",
"7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:1965"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.src",
"7Server-RH-Gluster-3.4-Server:ioprocess-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:ioprocess-debuginfo-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:python2-ioprocess-0:1.1.2-1.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.src",
"7Server-RH-Gluster-3.4-Server:safelease-0:1.0-7.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:safelease-debuginfo-0:1.0-7.el7ev.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.src",
"7Server-RH-Gluster-3.4-Server:vdsm-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-api-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-client-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-common-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-gluster-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-cpuflags-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-ethtool-options-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-faqemu-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-fcoe-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-localdisk-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-macspoof-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-openstacknet-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-qemucmdline-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-hook-vmfex-dev-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-http-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-jsonrpc-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-network-0:4.30.18-1.0.el7rhgs.x86_64",
"7Server-RH-Gluster-3.4-Server:vdsm-python-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-tests-0:4.30.18-1.0.el7rhgs.noarch",
"7Server-RH-Gluster-3.4-Server:vdsm-yajsonrpc-0:4.30.18-1.0.el7rhgs.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vdsm: privilege escalation to root via systemd_run"
}
]
}
RHSA-2019:0457
Vulnerability from csaf_redhat - Published: 2019-03-05 11:09 - Updated: 2026-02-23 16:21Summary
Red Hat Security Advisory: redhat-virtualization-host security update
Severity
Important
Notes
Topic: An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
The following packages have been upgraded to a later upstream version: redhat-release-virtualization-host (4.2), redhat-virtualization-host (4.2). (BZ#1678629, BZ#1679414)
Security Fix(es):
* spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813)
* systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)
* vdsm: privilege escalation to root via systemd_run (CVE-2019-3831)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.
8.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891
https://access.redhat.com/errata/RHSA-2019:0457
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
6.4 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891
https://access.redhat.com/errata/RHSA-2019:0457
It was discovered that systemd allocates a buffer large enough to store the path field of a dbus message without performing enough checks. A local attacker may trigger this flaw by sending a dbus message to systemd with a large path making systemd crash or possibly elevating his privileges.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891
https://access.redhat.com/errata/RHSA-2019:0457
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Red Hat
Christophe Fergeau
Ubuntu Security
Chris Coulson
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host\u0027s resources and performing administrative tasks.\n\nThe following packages have been upgraded to a later upstream version: redhat-release-virtualization-host (4.2), redhat-virtualization-host (4.2). (BZ#1678629, BZ#1679414)\n\nSecurity Fix(es):\n\n* spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813)\n\n* systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash (CVE-2019-6454)\n\n* vdsm: privilege escalation to root via systemd_run (CVE-2019-3831)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:0457",
"url": "https://access.redhat.com/errata/RHSA-2019:0457"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1665371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665371"
},
{
"category": "external",
"summary": "1667032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667032"
},
{
"category": "external",
"summary": "1677108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677108"
},
{
"category": "external",
"summary": "1677667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677667"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0457.json"
}
],
"title": "Red Hat Security Advisory: redhat-virtualization-host security update",
"tracking": {
"current_release_date": "2026-02-23T16:21:57+00:00",
"generator": {
"date": "2026-02-23T16:21:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2019:0457",
"initial_release_date": "2019-03-05T11:09:51+00:00",
"revision_history": [
{
"date": "2019-03-05T11:09:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-03-05T11:09:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-23T16:21:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product": {
"name": "RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor"
}
}
},
{
"category": "product_name",
"name": "Red Hat Virtualization 4 Hypervisor for RHEL 7",
"product": {
"name": "Red Hat Virtualization 4 Hypervisor for RHEL 7",
"product_id": "7Server-RHEV-4-Hypervisor-7",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor"
}
}
}
],
"category": "product_family",
"name": "Red Hat Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"product": {
"name": "redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"product_id": "redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.2-8.3.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"product": {
"name": "redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"product_id": "redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.2-8.3.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"product": {
"name": "redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"product_id": "redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-virtualization-host@4.2-20190219.0.el7_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch",
"product": {
"name": "redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch",
"product_id": "redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.2-8.3.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"product": {
"name": "redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"product_id": "redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.2-20190219.0.el7_6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-0:4.2-20190219.0.el7_6.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7",
"product_id": "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src"
},
"product_reference": "redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"relates_to_product_reference": "7Server-RHEV-4-Hypervisor-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch as a component of Red Hat Virtualization 4 Hypervisor for RHEL 7",
"product_id": "7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch"
},
"product_reference": "redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"relates_to_product_reference": "7Server-RHEV-4-Hypervisor-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-release-virtualization-host-0:4.2-8.3.el7.src as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src"
},
"product_reference": "redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64 as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64"
},
"product_reference": "redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch as a component of RHEL 7-based RHEV-H for RHEV 4 (build requirements)",
"product_id": "7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
},
"product_reference": "redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch",
"relates_to_product_reference": "7Server-RHEV-4-HypervisorBuild-7"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Christophe Fergeau"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3813",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"discovery_date": "2018-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1665371"
}
],
"notes": [
{
"category": "description",
"text": "Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spice: Off-by-one error in array access in spice/server/memslot.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3813"
},
{
"category": "external",
"summary": "RHBZ#1665371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665371"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3813",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3813"
}
],
"release_date": "2019-01-28T18:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-03-05T11:09:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0457"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "spice: Off-by-one error in array access in spice/server/memslot.c"
},
{
"cve": "CVE-2019-3831",
"cwe": {
"id": "CWE-863",
"name": "Incorrect Authorization"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677108"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vdsm: privilege escalation to root via systemd_run",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3831"
},
{
"category": "external",
"summary": "RHBZ#1677108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3831",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831"
}
],
"release_date": "2019-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-03-05T11:09:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0457"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vdsm: privilege escalation to root via systemd_run"
},
{
"acknowledgments": [
{
"names": [
"Chris Coulson"
],
"organization": "Ubuntu Security"
}
],
"cve": "CVE-2019-6454",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1667032"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that systemd allocates a buffer large enough to store the path field of a dbus message without performing enough checks. A local attacker may trigger this flaw by sending a dbus message to systemd with a large path making systemd crash or possibly elevating his privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is present in Red Hat Virtualization Hypervisor and Management Appliance, however it can only be exploited locally. Since these systems do not typically have local user accounts, this issue has been rated Moderate severity for Red Hat Virtualization 4.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-6454"
},
{
"category": "external",
"summary": "RHBZ#1667032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1667032"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-6454",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6454"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-6454",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-6454"
}
],
"release_date": "2019-02-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-03-05T11:09:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891",
"product_ids": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0457"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-0:4.2-20190219.0.el7_6.src",
"7Server-RHEV-4-Hypervisor-7:redhat-virtualization-host-image-update-0:4.2-20190219.0.el7_6.noarch",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.src",
"7Server-RHEV-4-HypervisorBuild-7:redhat-release-virtualization-host-0:4.2-8.3.el7.x86_64",
"7Server-RHEV-4-HypervisorBuild-7:redhat-virtualization-host-image-update-placeholder-0:4.2-8.3.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash"
}
]
}
GSD-2019-3831
Vulnerability from gsd - Updated: 2023-12-13 01:24Details
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-3831",
"description": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.",
"id": "GSD-2019-3831",
"references": [
"https://access.redhat.com/errata/RHBA-2019:1965",
"https://access.redhat.com/errata/RHSA-2019:0458",
"https://access.redhat.com/errata/RHSA-2019:0457"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-3831"
],
"details": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.",
"id": "GSD-2019-3831",
"modified": "2023-12-13T01:24:03.146999Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-3831",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vdsm",
"version": {
"version_data": [
{
"version_value": "4.30.9"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "6.4/CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ovirt:vdsm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.30.3",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ovirt:vdsm:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.30.8",
"versionStartIncluding": "4.30.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:gluster_storage:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-3831"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2020-10-19T18:07Z",
"publishedDate": "2019-03-25T18:29Z"
}
}
}
BDU:2020-02202
Vulnerability from fstec - Published: 14.02.2019
VLAI Severity ?
Title
Уязвимость функции systemd_run сервера vdsm средства управления виртуальной инфраструктурой Ovirt, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость функции systemd_run сервера vdsm средства управления виртуальной инфраструктурой Ovirt связана с непринятием мер по чистке данных на управляющем уровне. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код
Severity ?
Vendor
Red Hat Inc., Ovirt
Software Name
Red Hat Virtualization, Red Hat Storage, vdsm
Software Version
4 (Red Hat Virtualization), 3 (Red Hat Storage), от 4.19 до 4.30.3 включительно (vdsm), от 4.30.5 до 4.30.8 включительно (vdsm)
Possible Mitigations
Использование рекомендаций:
https://access.redhat.com/security/cve/cve-2019-3831
https://bugzilla.redhat.com/show_bug.cgi?id=1677109
Reference
https://access.redhat.com/security/cve/cve-2019-3831
https://bugzilla.redhat.com/show_bug.cgi?id=1677109
CWE
CWE-77, CWE-863
{
"CVSS 2.0": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"CVSS 3.0": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., Ovirt",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "4 (Red Hat Virtualization), 3 (Red Hat Storage), \u043e\u0442 4.19 \u0434\u043e 4.30.3 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (vdsm), \u043e\u0442 4.30.5 \u0434\u043e 4.30.8 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (vdsm)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://access.redhat.com/security/cve/cve-2019-3831\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1677109",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "14.02.2019",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.05.2020",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "21.05.2020",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-02202",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-3831",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Red Hat Virtualization, Red Hat Storage, vdsm",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 systemd_run \u0441\u0435\u0440\u0432\u0435\u0440\u0430 vdsm \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 Ovirt, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435 \u043c\u0435\u0440 \u043f\u043e \u0447\u0438\u0441\u0442\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u043c \u0443\u0440\u043e\u0432\u043d\u0435 (\u0412\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0432 \u043a\u043e\u043c\u0430\u043d\u0434\u0443) (CWE-77), \u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f (CWE-863)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 systemd_run \u0441\u0435\u0440\u0432\u0435\u0440\u0430 vdsm \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u043e\u0439 Ovirt \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0438\u043d\u044f\u0442\u0438\u0435\u043c \u043c\u0435\u0440 \u043f\u043e \u0447\u0438\u0441\u0442\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u043c \u0443\u0440\u043e\u0432\u043d\u0435. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://access.redhat.com/security/cve/cve-2019-3831\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1677109",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438/\u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-77, CWE-863",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8,8)"
}
FKIE_CVE-2019-3831
Vulnerability from fkie_nvd - Published: 2019-03-25 18:29 - Updated: 2024-11-21 04:42
Severity ?
Summary
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831 | Issue Tracking, Patch, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ovirt:vdsm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE133A09-DE61-4AE2-90FD-A24D2E0BD5B0",
"versionEndIncluding": "4.30.3",
"versionStartIncluding": "4.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ovirt:vdsm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "859EBC12-485A-4214-8BDA-C0A6205F904F",
"versionEndIncluding": "4.30.8",
"versionStartIncluding": "4.30.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:gluster_storage:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1986832-44C9-491E-A75D-AAD8FAE683E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad en vdsm, desde la versi\u00f3n 4.19 hasta la 4.30.3 y desde la 4.30.5 hasta la 4.30.8.. La funci\u00f3n systemd_run expuesta al usuario del sistema vdsm podr\u00eda ser abusada para ejecutar comandos arbitrarios como root."
}
],
"id": "CVE-2019-3831",
"lastModified": "2024-11-21T04:42:38.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-25T18:29:00.933",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-MGFJ-QCPQ-XX99
Vulnerability from github – Published: 2022-05-13 01:14 – Updated: 2022-05-13 01:14
VLAI?
Details
A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.
Severity ?
6.7 (Medium)
{
"affected": [],
"aliases": [
"CVE-2019-3831"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-03-25T18:29:00Z",
"severity": "HIGH"
},
"details": "A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 and 4.30.5 through 4.30.8. The systemd_run function exposed to the vdsm system user could be abused to execute arbitrary commands as root.",
"id": "GHSA-mgfj-qcpq-xx99",
"modified": "2022-05-13T01:14:27Z",
"published": "2022-05-13T01:14:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3831"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
CNVD-2019-14430
Vulnerability from cnvd - Published: 2019-05-16
VLAI Severity ?
Title
Vdsm任意命令执行漏洞
Description
oVirt Virtual Desktop Server Manager(vdsm)是一款用于管理运行KVM管理程序技术的虚拟机主机管理器。该产品能够管理虚拟主机的存储、内存和网络资源等,并支持虚拟主机的创建。
oVirt vdsm 4.19版本至4.30.3版本和4.30.5版本至4.30.8版本中存在命令注入漏洞,该漏洞源于外部输入数据构造可执行命令过程中,网络系统或产品未正确过滤其中的特殊元素。攻击者可利用该漏洞执行非法命令。
Severity
高
Patch Name
Vdsm任意命令执行漏洞的补丁
Patch Description
oVirt Virtual Desktop Server Manager(vdsm)是一款用于管理运行KVM管理程序技术的虚拟机主机管理器。该产品能够管理虚拟主机的存储、内存和网络资源等,并支持虚拟主机的创建。
oVirt vdsm 4.19版本至4.30.3版本和4.30.5版本至4.30.8版本中存在命令注入漏洞,该漏洞源于外部输入数据构造可执行命令过程中,网络系统或产品未正确过滤其中的特殊元素。攻击者可利用该漏洞执行非法命令。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布漏洞修复程序,请及时关注更新: https://gerrit.ovirt.org/#/c/97659/
Reference
https://nvd.nist.gov/vuln/detail/CVE-2019-3831
Impacted products
| Name | ['oVirt Virtual Desktop Server Manager oVirt Virtual Desktop Server Manager >=4.19,<=4.30.3', 'oVirt Virtual Desktop Server Manager oVirt Virtual Desktop Server Manager >=4.30.5,<=4.30.8'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "107037"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2019-3831"
}
},
"description": "oVirt Virtual Desktop Server Manager\uff08vdsm\uff09\u662f\u4e00\u6b3e\u7528\u4e8e\u7ba1\u7406\u8fd0\u884cKVM\u7ba1\u7406\u7a0b\u5e8f\u6280\u672f\u7684\u865a\u62df\u673a\u4e3b\u673a\u7ba1\u7406\u5668\u3002\u8be5\u4ea7\u54c1\u80fd\u591f\u7ba1\u7406\u865a\u62df\u4e3b\u673a\u7684\u5b58\u50a8\u3001\u5185\u5b58\u548c\u7f51\u7edc\u8d44\u6e90\u7b49\uff0c\u5e76\u652f\u6301\u865a\u62df\u4e3b\u673a\u7684\u521b\u5efa\u3002\n\noVirt vdsm 4.19\u7248\u672c\u81f34.30.3\u7248\u672c\u548c4.30.5\u7248\u672c\u81f34.30.8\u7248\u672c\u4e2d\u5b58\u5728\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5916\u90e8\u8f93\u5165\u6570\u636e\u6784\u9020\u53ef\u6267\u884c\u547d\u4ee4\u8fc7\u7a0b\u4e2d\uff0c\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u6b63\u786e\u8fc7\u6ee4\u5176\u4e2d\u7684\u7279\u6b8a\u5143\u7d20\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u975e\u6cd5\u547d\u4ee4\u3002",
"discovererName": "oVirt Virtual Desktop Server Manager",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://gerrit.ovirt.org/#/c/97659/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-14430",
"openTime": "2019-05-16",
"patchDescription": "oVirt Virtual Desktop Server Manager\uff08vdsm\uff09\u662f\u4e00\u6b3e\u7528\u4e8e\u7ba1\u7406\u8fd0\u884cKVM\u7ba1\u7406\u7a0b\u5e8f\u6280\u672f\u7684\u865a\u62df\u673a\u4e3b\u673a\u7ba1\u7406\u5668\u3002\u8be5\u4ea7\u54c1\u80fd\u591f\u7ba1\u7406\u865a\u62df\u4e3b\u673a\u7684\u5b58\u50a8\u3001\u5185\u5b58\u548c\u7f51\u7edc\u8d44\u6e90\u7b49\uff0c\u5e76\u652f\u6301\u865a\u62df\u4e3b\u673a\u7684\u521b\u5efa\u3002\r\n\r\noVirt vdsm 4.19\u7248\u672c\u81f34.30.3\u7248\u672c\u548c4.30.5\u7248\u672c\u81f34.30.8\u7248\u672c\u4e2d\u5b58\u5728\u547d\u4ee4\u6ce8\u5165\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5916\u90e8\u8f93\u5165\u6570\u636e\u6784\u9020\u53ef\u6267\u884c\u547d\u4ee4\u8fc7\u7a0b\u4e2d\uff0c\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u6b63\u786e\u8fc7\u6ee4\u5176\u4e2d\u7684\u7279\u6b8a\u5143\u7d20\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u975e\u6cd5\u547d\u4ee4\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Vdsm\u4efb\u610f\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"oVirt Virtual Desktop Server Manager oVirt Virtual Desktop Server Manager \u003e=4.19\uff0c\u003c=4.30.3",
"oVirt Virtual Desktop Server Manager oVirt Virtual Desktop Server Manager \u003e=4.30.5\uff0c\u003c=4.30.8"
]
},
"referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-3831",
"serverity": "\u9ad8",
"submitTime": "2019-03-26",
"title": "Vdsm\u4efb\u610f\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e"
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…