CVE-2019-3805

Description

A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.

References

Link	Tags
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3805	issue tracking vendor advisory
https://access.redhat.com/errata/RHSA-2019:1107	vendor advisory
https://access.redhat.com/errata/RHSA-2019:1108	vendor advisory
https://access.redhat.com/errata/RHSA-2019:1106	vendor advisory
https://access.redhat.com/errata/RHSA-2019:1140	vendor advisory
https://security.netapp.com/advisory/ntap-20190517-0004/	third party advisory
https://access.redhat.com/errata/RHSA-2019:2413	vendor advisory
https://access.redhat.com/errata/RHSA-2020:0727	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2019-3805?: CVE-2019-3805 has been scored as a medium severity vulnerability.
How to fix CVE-2019-3805?: To fix CVE-2019-3805, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2019-3805 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2019-3805 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2019-3805?: CVE-2019-3805 affects Red Hat wildfly.

Description

Categories

CWE-364 – Signal Handler Race Condition

CWE-269 – Improper Privilege Management

References

Frequently Asked Questions