PT-2019-5811 · Red Hat+1 · Systemd-Journald+2

Riccardo Schirone · Published 2019-01-16 · Updated 2023-02-12 · CVE-2019-3815

CVSS v3.1: 3.3 (Low)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

Red Hat Enterprise Linux versions since v219-62.2

Description

A memory leak was discovered in the backport of fixes in Red Hat Enterprise Linux. The function dispatch_message_real() in journald-server.c does not free the memory allocated by set_iovec_field_free() to store the _CMDLINE= entry. A local attacker may use this flaw to make systemd-journald crash, resulting in a denial of service.

Recommendations

For versions since v219-62.2, update to a version that includes the fix for the memory leak issue in the dispatch_message_real() function. As a temporary workaround, consider restricting access to the systemd-journald service to minimize the risk of exploitation.

Fix

Memory Leak

Weakness Enumeration

Related Identifiers

BDU:2021-03015
CESA-2019_0201
CVE-2019-3815
DLA-1711-1
RHSA-2019:0201
RHSA-2019_0201

Affected Products

CentOS
Red Hat
Systemd-Journald