A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2019:2037 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10153 | Issue Tracking Third Party Advisory |
https://github.com/ClusterLabs/fence-agents/pull/255 | Patch Third Party Advisory |
https://github.com/ClusterLabs/fence-agents/pull/272 | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2019-07-30T22:10:35
Updated: 2019-08-06T16:06:22
Reserved: 2019-03-27T00:00:00
Link: CVE-2019-10153
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-07-30T23:15:11.980
Modified: 2023-02-02T18:58:52.113
Link: CVE-2019-10153
JSON object: View
Redhat Information
No data.
CWE