Bug 1766641 (CVE-2019-17040)

Summary: CVE-2019-17040 rsyslog: out-of-bounds read in contrib/pmdb2diag/pmdb2diag.c
Product: [Other] Security Response Reporter: Guilherme de Almeida Suckevicz <gsuckevi>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: dapospis, ebenes, jlieskov, jvymazal, lkundrak, mah.darade, rmeggins, rsroka, tosykora, yozone
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-11-04 04:28:27 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1766642    
Bug Blocks: 1766703    

Description Guilherme de Almeida Suckevicz 2019-10-29 14:52:06 UTC 
contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bounds access because the level length is mishandled.

Reference:
https://github.com/rsyslog/rsyslog/pull/3875
Comment 1 Guilherme de Almeida Suckevicz 2019-10-29 14:52:21 UTC 
Created rsyslog tracking bugs for this issue:

Affects: fedora-all [bug 1766642]
Comment 2 Huzaifa S. Sidhpurwala 2019-11-04 04:15:10 UTC 
Upstream commit: https://github.com/rsyslog/rsyslog/pull/3875/commits/b0894088b680666035a3418326e13bc99d4fed49
Comment 3 Huzaifa S. Sidhpurwala 2019-11-04 04:28:27 UTC 
This flaw affects the pmdb2diag.c code file which was introduced in rsyslog-8.1903.0 which was released on 2019-03-05. Older versions of rsyslog are not affected by this flaw.