Red Hat Enterprise Linux 8 update for the virt:rhel module



Risk Medium
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2019-20382
CVE-2020-8608
CWE-ID CWE-401
CWE-119
Exploitation vector Network
Public exploit N/A
Vulnerable software
 Red Hat Enterprise Linux Server - TUS
Operating systems & Components / Operating system

Red Hat CodeReady Linux Builder for ARM 64
Operating systems & Components / Operating system

Red Hat CodeReady Linux Builder for Power, little endian
Operating systems & Components / Operating system

Red Hat CodeReady Linux Builder for x86_64
Operating systems & Components / Operating system

Red Hat Enterprise Linux for ARM 64
Operating systems & Components / Operating system

Red Hat Enterprise Linux for Power, little endian
Operating systems & Components / Operating system

Red Hat Enterprise Linux for IBM z Systems
Operating systems & Components / Operating system

Red Hat Enterprise Linux for x86_64
Operating systems & Components / Operating system

Vendor Red Hat Inc.

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Memory leak

EUVDB-ID: #VU27388

Risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-20382

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the zrle_compress_data() function in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd. A remote attacker can perform a denial of service attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux Server - TUS: 8.2

Red Hat CodeReady Linux Builder for ARM 64: 8.0

Red Hat CodeReady Linux Builder for Power, little endian: 8.0

Red Hat CodeReady Linux Builder for x86_64: 8.0

Red Hat Enterprise Linux for ARM 64: 8

Red Hat Enterprise Linux for Power, little endian: 8

Red Hat Enterprise Linux for IBM z Systems: 8

Red Hat Enterprise Linux for x86_64: 8.0

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2020:2774


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Buffer overflow

EUVDB-ID: #VU25456

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-8608

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within tcp_subr.c file in libslirp. A local user can pass specially crafted data to the application that is using the affected version of library, trigger memory corruption and execute arbitrary code on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat Enterprise Linux Server - TUS: 8.2

Red Hat CodeReady Linux Builder for ARM 64: 8.0

Red Hat CodeReady Linux Builder for Power, little endian: 8.0

Red Hat CodeReady Linux Builder for x86_64: 8.0

Red Hat Enterprise Linux for ARM 64: 8

Red Hat Enterprise Linux for Power, little endian: 8

Red Hat Enterprise Linux for IBM z Systems: 8

Red Hat Enterprise Linux for x86_64: 8.0

CPE2.3 External links

https://access.redhat.com/errata/RHSA-2020:2774


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###