Red Hat update for redhat-virtualization-host
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2019-3813 CVE-2019-3831 CVE-2019-6454 |
| CWE-ID | CWE-193 CWE-77 CWE-20 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Red Hat Virtualization Host Web applications / Remote management & hosting panels Red Hat Virtualization Server applications / Virtualization software |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Off-by-one
EUVDB-ID: #VU17324
Risk: Medium
CVSSv3.1: 7 [CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-3813
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows an adjacent authenticated attacker to cause DoS condition.
The vulnerability exists due to an off-by-one error in memslot_get_virt. An adjacent can trigger out-of-bounds read and cause the program to crash if it received specially crafted network traffic. In case the attacker in unauthenticated it's possible to execute arbitrary code.
MitigationInstall updates from vendor's website.
Red Hat Virtualization Host: 4
Red Hat Virtualization: 4
External linkshttp://access.redhat.com/errata/RHSA-2019:0457
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Command injection
EUVDB-ID: #VU17772
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-3831
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local high-privileged attacker to execute arbitrary code on the target system.
The vulnerability exists due to exposure of exposed a systemd_run() function to the vdsm system use. A local attacker can inject arbitrary commands and execute arbitrary code with elevated privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Virtualization Host: 4
Red Hat Virtualization: 4
External linkshttp://access.redhat.com/errata/RHSA-2019:0457
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU17752
Risk: Low
CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-6454
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local unauthenticated attacker to cause DoS condition on the target system.
The weakness exists due to incorrect handling of certain D-Bus messages. A local attacker can supply specially crafted D-Bus messages to crash the init process, resulting in a system denial-of-service (kernel panic).
Install updates from vendor's website.
Red Hat Virtualization Host: 4
Red Hat Virtualization: 4
External linkshttp://access.redhat.com/errata/RHSA-2019:0457
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
