tmpfiles.d/systemd.conf in systemd v213 uses weak permissions for journal files under /run/log/journal/%m and /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.
Introduced in v213 by commit:
Fixed in v214 by commit:
Current RHEL version is shipped with v219, and is not affected by this issue.
Additional precision :
The vulnerability was introduced in v213. Previous RHEL7 versions (7.0, 7.1, and their asynchronous releases) are based on v207 and v208, and are not affected either.