CVE-2019-6454

Impact:
Important
Public Date:
2019-02-18
CWE:
CWE-20
Bugzilla:
1667032: CVE-2019-6454 systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash
It was discovered that systemd allocates a buffer large enough to store the path field of a dbus message without performing enough checks. A local attacker may trigger this flaw by sending a dbus message to systemd with a large path making systemd crash or possibly elevating his privileges.

Find out more about CVE-2019-6454 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

This vulnerability is present in Red Hat Virtualization Hypervisor and Management Appliance, however it can only be exploited locally. Since these systems do not typically have local user accounts, this issue has been rated Moderate severity for Red Hat Virtualization 4.

CVSS v3 metrics

CVSS3 Base Score 7
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity High
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity Impact High
Availability Impact High

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 7 (systemd) RHSA-2019:0368 2019-02-19
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (rhvm-appliance) RHSA-2019:0461 2019-03-05
Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts (redhat-virtualization-host) RHSA-2019:0457 2019-03-05
Red Hat Enterprise Linux 8 (systemd) RHSA-2019:0990 2019-05-07

Acknowledgements

Red Hat would like to thank Chris Coulson (Ubuntu Security) for reporting this issue.
Last Modified