CVE-2019-10153

A flaw was discovered in fence-agents, prior to version 4.3.4, where using non-ASCII characters in a guest VM's comment or other fields would cause fence_rhevm to exit with an exception. In cluster environments, this could lead to preventing automated recovery or otherwise denying service to clusters of which that VM is a member.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
Affected Products (NVD)
VendorProductVersion
clusterlabsfence-agents
𝑥
< 4.3.4
redhatenterprise_linux
8.0
redhatenterprise_linux_server
7.0
redhatenterprise_linux_workstation
7.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
fence-agents
bookworm
4.12.1-1
fixed
bullseye
4.7.1-1
fixed
jessie
not-affected
sid
4.15.0-3
fixed
trixie
4.15.0-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
fence-agents
bionic
not-affected
cosmic
ignored
disco
ignored
eoan
ignored
focal
not-affected
groovy
not-affected
hirsute
not-affected
trusty
dne
xenial
not-affected
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
fence-agents-aliyun
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-all
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-amt-ws
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-apc
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-apc-snmp
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-aws
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-azure-arm
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-bladecenter
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-brocade
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-cisco-mds
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-cisco-ucs
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-common
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-compute
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-drac5
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-eaton-snmp
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-emerson
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-eps
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-gce
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-heuristics-ping
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-hpblade
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-ibmblade
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-ifmib
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-ilo-moonshot
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-ilo-mp
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-ilo-ssh
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-ilo2
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-intelmodular
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-ipdu
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-ipmilan
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-kdump
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-lpar
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-mpath
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-redfish
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-rhevm
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-rsa
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-rsb
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-sbd
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-scsi
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-virsh
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-vmware-rest
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-vmware-soap
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-wti
RHEL 7
0:4.2.1-24.el7
fixed
fence-agents-zvm
RHEL 7
0:4.2.1-24.el7
fixed
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2019:2037
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10153
https://github.com/ClusterLabs/fence-agents/pull/255
https://github.com/ClusterLabs/fence-agents/pull/272
https://access.redhat.com/errata/RHSA-2019:2037
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10153
https://github.com/ClusterLabs/fence-agents/pull/255
https://github.com/ClusterLabs/fence-agents/pull/272