virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virt_bootstrap.py.
Created virt-bootstrap tracking bugs for this issue:
Affects: fedora-all [bug 1727771]
Name: Fabiano Fidêncio (Red Hat)
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.