CVE-2019-3815
3.3
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Exploitability: 1.8 / Impact: 1.4
Source: NVD
Description
A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the `_CMDLINE=` entry. A local attacker may use this flaw to make systemd-journald crash. This issue only affects versions shipped with Red Hat Enterprise since v219-62.2.
Affected (7)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 7.0 | |
| Version 7.0 | |
| Version 7.6 | |
| Version 7.6 | |
| Version 7.0 | |
| Version 3.11 |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version 8.0 |
References (10)
Source: secalert@redhat.com
Issue TrackingVendor Advisory
Source: secalert@redhat.com
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Timeline
No history available yet.