RHV and the conditions of CVE-2019-3855, CVE-2019-3856, CVE-2019-3857 and CVE-2019-3863

Solution Verified - Updated -

Issue

CVE-2019-3855, CVE-2019-3856, CVE-2019-3857 and CVE-2019-3863 are the vulnerabilities of libssh2. Each CVE description contains the following same statement.

Statement 

This flaw was present in libssh2 packages included in Red Hat Virtualization Hypervisor and 
Management Appliance, however libssh2 in these hosts is never exposed to malicious 
clients or servers.

What does the above statement mean? Does this mean that these vulnerabilities do not occur in Red Hat Virtualization Hypervisor or Management Appliance?

Environment

  • Red Hat Virtualization (RHV)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content