Описание
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data.
Отчет
This issue affects the versions of systemd as shipped with Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having a security impact of Moderate. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/. Red Hat Virtualization Hypervisor and Management Appliance include vulnerable versions of systemd. However, since exploitation requires local access and impact is restricted to information disclosure, this flaw is rated as having a security issue of Low. Future updates may address this issue.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | systemd | Not affected | ||
| Red Hat Virtualization 4 | redhat-virtualization-host | Will not fix | ||
| Red Hat Virtualization 4 | rhvm-appliance | Will not fix | ||
| Red Hat Ansible Tower 3.4 for RHEL 7 | ansible-tower-34/ansible-tower-memcached | Fixed | RHBA-2020:0547 | 18.02.2020 |
| Red Hat Ansible Tower 3.4 for RHEL 7 | ansible-tower-35/ansible-tower-memcached | Fixed | RHBA-2020:0547 | 18.02.2020 |
| Red Hat Ansible Tower 3.4 for RHEL 7 | ansible-tower-37/ansible-tower-memcached-rhel7 | Fixed | RHBA-2020:0547 | 18.02.2020 |
| Red Hat Enterprise Linux 7 | systemd | Fixed | RHSA-2019:2091 | 06.08.2019 |
| Red Hat Enterprise Linux 7.4 Advanced Update Support | systemd | Fixed | RHSA-2020:0593 | 25.02.2020 |
| Red Hat Enterprise Linux 7.4 Telco Extended Update Support | systemd | Fixed | RHSA-2020:0593 | 25.02.2020 |
| Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions | systemd | Fixed | RHSA-2020:0593 | 25.02.2020 |
Показывать по
Дополнительная информация
Статус:
4.3 Medium
CVSS3
Связанные уязвимости
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
An out of bounds read was discovered in systemd-journald in the way it ...
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable.
4.3 Medium
CVSS3