CVE-2019-3815 systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux 7
  • systemd

Issue

  • With the newest update on our Openshift Container Platform the process systemd-journald on all types of Nodes (Master-/Infra-/Computing-Nodes) allocate high Memory over time (see RHBZ #1666690)
  • systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864

Resolution

Update to systemd-219-62.el7_6.3 shipped with 7.6.Z Advisory RHSA-2019:0201 or newer.

Please note that reboot of the system or journald service restart:

systemctl restart systemd-journald.service

is needed to assure the fixed version is running.

Root Cause

A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux. Function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the _CMDLINE= entry.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

1 Comments

the solution does not say if a reboot is needed.