CVE-2019-3805

Name of the Vulnerable Software and Affected Versions: WildFly versions up to 16.0.0.Final

Description: A flaw in WildFly allows local users who can execute init.d scripts to terminate arbitrary processes on the system. This can be exploited by modifying the PID file in /var/run/jboss-eap/, enabling the init.d script to terminate any process as root. The issue is caused by synchronization errors when using a shared resource.

Recommendations: For WildFly versions up to 16.0.0.Final, consider restricting access to the init.d script and the /var/run/jboss-eap/ directory to prevent unauthorized modification of the PID file. As a temporary workaround, monitor the system for suspicious process terminations and restrict root access to the init.d script until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.