Vulnerability Name:

CVE-2019-3815 (CCN-156227)

Assigned:2019-01-14
Published:2019-01-14
Updated:2023-02-12
Summary:A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the `_CMDLINE=` entry. A local attacker may use this flaw to make systemd-journald crash. This issue only affects versions shipped with Red Hat Enterprise since v219-62.2.
CVSS v3 Severity:3.3 Low (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
2.9 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
3.5 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
3.3 Low (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
2.9 Low (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:U/RC:R)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
2.1 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-401
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2019-3815

Source: CCN
Type: IBM Security Bulletin 869078 (PowerKVM)
Vulnerabiliies in systemd affect PowerKVM

Source: secalert@redhat.com
Type: Third Party Advisory, VDB Entry
secalert@redhat.com

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Vendor Advisory
secalert@redhat.com

Source: CCN
Type: Red Hat Bugzilla – Bug 1666690
CVE-2019-3815 systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864

Source: secalert@redhat.com
Type: Issue Tracking, Vendor Advisory
secalert@redhat.com

Source: XF
Type: UNKNOWN
systemd-cve20193815-dos(156227)

Source: CCN
Type: systemd GIT Repository
systemd

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: CCN
Type: IBM Security Bulletin 886247 (Security Access Manager Appliance)
Multiple Security vulnerabilities have been fixed in the IBM Security Access Manager Appliance

Source: CCN
Type: IBM Security Bulletin 1284766 (Security Identity Governance and Intelligence)
IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerability (CVE-2019-3815)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2019-3815

Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*
    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*
    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*
    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*
    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:systemd_project:systemd:*:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:powerkvm:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*
  • OR cpe:/h:ibm:security_access_manager_appliance:9.0.3.0:*:*:*:*:*:*:*
  • OR cpe:/h:ibm:security_access_manager_appliance:9.0.4.0:*:*:*:*:*:*:*
  • OR cpe:/h:ibm:security_access_manager_appliance:9.0.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.5:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.redhat.rhsa:def:20190201
    P
    		RHSA-2019:0201: systemd security update (Low)
    2019-01-29
    oval:com.ubuntu.xenial:def:201938150000000
    V
    		CVE-2019-3815 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-01-28
    oval:com.ubuntu.xenial:def:20193815000
    V
    		CVE-2019-3815 on Ubuntu 16.04 LTS (xenial) - medium.
    2019-01-28
    oval:com.ubuntu.bionic:def:20193815000
    V
    		CVE-2019-3815 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-01-28
    oval:com.ubuntu.cosmic:def:201938150000000
    V
    		CVE-2019-3815 on Ubuntu 18.10 (cosmic) - medium.
    2019-01-28
    oval:com.ubuntu.cosmic:def:20193815000
    V
    		CVE-2019-3815 on Ubuntu 18.10 (cosmic) - medium.
    2019-01-28
    oval:com.ubuntu.bionic:def:201938150000000
    V
    		CVE-2019-3815 on Ubuntu 18.04 LTS (bionic) - medium.
    2019-01-28
    oval:com.ubuntu.trusty:def:20193815000
    V
    		CVE-2019-3815 on Ubuntu 14.04 LTS (trusty) - medium.
    2019-01-28
    BACK
    systemd_project systemd *
    ibm powerkvm 3.1
    redhat enterprise linux 7
    ibm security access manager appliance 9.0.3.0
    ibm security access manager appliance 9.0.4.0
    ibm security access manager appliance 9.0.5.0
    ibm security identity governance and intelligence 5.2.4
    ibm security identity governance and intelligence 5.2.5