RHSA-2019:0457HighCVSS 8.0
Red Hat Security Advisory: redhat-virtualization-host security update
🔗 CVE IDs covered (3)
📋 Description
CVE-2019-3813 — spice: Off-by-one error in array access in spice/server/memslot.c CVE-2019-3831 — vdsm: privilege escalation to root via systemd_run CVE-2019-6454 — systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash
🔗 References (7)
- selfhttps://access.redhat.com/errata/RHSA-2019:0457
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1665371
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1667032
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1677108
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1677667
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0457.json