Vulnerabilities > CVE-2019-19725 - Double Free vulnerability in multiple products

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
sysstat-project
debian
canonical
CWE-415
critical
nessus
NVD
Published: 2019-12-11
Updated: 2022-12-08

Summary

sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c.

Vulnerable Configurations

Part Description Count
Application
Sysstat_Project
145
OS
Debian
1
OS
Canonical
4

Common Weakness Enumeration (CWE)

Nessus

  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2020-736.NASL
    descriptionThis update for sysstat fixes the following issues : - CVE-2019-19725: Fixed double free in check_file_actlst in sa_common.c (bsc#1159104). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-06
    modified2020-06-01
    plugin id136993
    published2020-06-01
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136993
    titleopenSUSE Security Update : sysstat (openSUSE-2020-736)
    code
    #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2020-736.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(136993);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/05");

  script_cve_id("CVE-2019-19725");

  script_name(english:"openSUSE Security Update : sysstat (openSUSE-2020-736)");
  script_summary(english:"Check for the openSUSE-2020-736 patch");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description",
    value:
"This update for sysstat fixes the following issues :

  - CVE-2019-19725: Fixed double free in check_file_actlst
    in sa_common.c (bsc#1159104).

This update was imported from the SUSE:SLE-15:Update update project."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1159104"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected sysstat packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:sysstat");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:sysstat-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:sysstat-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:sysstat-isag");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/05/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/06/01");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE15.1", reference:"sysstat-12.0.2-lp151.3.15.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"sysstat-debuginfo-12.0.2-lp151.3.15.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"sysstat-debugsource-12.0.2-lp151.3.15.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"sysstat-isag-12.0.2-lp151.3.15.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "sysstat / sysstat-debuginfo / sysstat-debugsource / sysstat-isag");
}
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0026-1.NASL
    descriptionThis update for sysstat fixes the following issues : Security issue fixed : CVE-2019-19725: Fixed double free in check_file_actlst in sa_common.c (bsc#1159104). Bug fixes: Enable log information of starting/stoping services. (bsc#1144923, jsc#SLE-5958) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id132706
    published2020-01-08
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132706
    titleSUSE SLED12 / SLES12 Security Update : sysstat (SUSE-SU-2020:0026-1)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-1_0-0263_SYSSTAT.NASL
    descriptionAn update of the sysstat package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id132969
    published2020-01-16
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132969
    titlePhoton OS 1.0: Sysstat PHSA-2019-1.0-0263
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4242-1.NASL
    descriptionIt was discovered that Sysstat incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-16167) It was discovered that Sysstat incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-19725). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id133143
    published2020-01-21
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133143
    titleUbuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : sysstat vulnerabilities (USN-4242-1)

References