ID

VAR-201909-0695


CVE

CVE-2019-14835


TITLE

Red Hat Security Advisory 2019-2901-01

Trust: 0.1

sources: PACKETSTORM: 154602

DESCRIPTION

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. 6.5) - x86_64 3. ========================================================================== Kernel Live Patch Security Notice 0058-1 October 22, 2019 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu: | Series | Base kernel | Arch | flavors | |------------------+--------------+----------+------------------| | Ubuntu 18.04 LTS | 4.15.0 | amd64 | aws | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | oem | | Ubuntu 18.04 LTS | 5.0.0 | amd64 | azure | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | aws | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 16.04 LTS | 4.15.0 | amd64 | azure | | Ubuntu 16.04 LTS | 4.15.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.15.0 | amd64 | lowlatency | Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: It was discovered that a race condition existed in the GFS2 file system in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2016-10905) It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-20856) It was discovered that the USB gadget Midi driver in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-20961) It was discovered that the XFS file system in the Linux kernel did not properly handle mount failures in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2018-20976) It was discovered that the RSI 91x Wi-Fi driver in the Linux kernel did not did not handle detach operations correctly, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-21008) It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136) It was discovered that the Linux kernel on ARM processors allowed a tracing process to modify a syscall after a seccomp decision had been made on that syscall. A local attacker could possibly use this to bypass seccomp restrictions. (CVE-2019-2054) It was discovered that an integer overflow existed in the Binder implementation of the Linux kernel, leading to a buffer overflow. A local attacker could use this to escalate privileges. (CVE-2019-2181) It was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-3846) It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-10126) It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207) Jonathan Looney discovered that an integer overflow existed in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service (system crash). (CVE-2019-11477) Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (CVE-2019-11478) It was discovered that the ext4 file system implementation in the Linux kernel did not properly zero out memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-11833) It was discovered that the PowerPC dlpar implementation in the Linux kernel did not properly check for allocation errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-12614) It was discovered that the floppy driver in the Linux kernel did not properly validate meta data, leading to a buffer overread. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-14283) It was discovered that the floppy driver in the Linux kernel did not properly validate ioctl() calls, leading to a division-by-zero. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-14284) Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14814) Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14815) Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14816) Matt Delco discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform bounds checking when handling coalesced MMIO write operations. A local attacker with write access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-14821) Peter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. (CVE-2019-14835) Update instructions: The problem can be corrected by updating your livepatches to the following versions: | Kernel | Version | flavors | |--------------------------+----------+--------------------------| | 4.4.0-148.174 | 58.1 | lowlatency, generic | | 4.4.0-148.174~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-150.176 | 58.1 | generic, lowlatency | | 4.4.0-150.176~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-151.178 | 58.1 | lowlatency, generic | | 4.4.0-151.178~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-154.181 | 58.1 | lowlatency, generic | | 4.4.0-154.181~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-157.185 | 58.1 | lowlatency, generic | | 4.4.0-157.185~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-159.187 | 58.1 | lowlatency, generic | | 4.4.0-159.187~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-161.189 | 58.1 | lowlatency, generic | | 4.4.0-161.189~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-164.192 | 58.1 | lowlatency, generic | | 4.4.0-164.192~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-165.193 | 58.1 | generic, lowlatency | | 4.4.0-1083.93 | 58.1 | aws | | 4.4.0-1084.94 | 58.1 | aws | | 4.4.0-1085.96 | 58.1 | aws | | 4.4.0-1087.98 | 58.1 | aws | | 4.4.0-1088.99 | 58.1 | aws | | 4.4.0-1090.101 | 58.1 | aws | | 4.4.0-1092.103 | 58.1 | aws | | 4.4.0-1094.105 | 58.1 | aws | | 4.15.0-50.54 | 58.1 | generic, lowlatency | | 4.15.0-50.54~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-51.55 | 58.1 | generic, lowlatency | | 4.15.0-51.55~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-52.56 | 58.1 | lowlatency, generic | | 4.15.0-52.56~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-54.58 | 58.1 | generic, lowlatency | | 4.15.0-54.58~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-55.60 | 58.1 | generic, lowlatency | | 4.15.0-58.64 | 58.1 | generic, lowlatency | | 4.15.0-58.64~16.04.1 | 58.1 | lowlatency, generic | | 4.15.0-60.67 | 58.1 | lowlatency, generic | | 4.15.0-60.67~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-62.69 | 58.1 | generic, lowlatency | | 4.15.0-62.69~16.04.1 | 58.1 | lowlatency, generic | | 4.15.0-64.73 | 58.1 | generic, lowlatency | | 4.15.0-64.73~16.04.1 | 58.1 | lowlatency, generic | | 4.15.0-65.74 | 58.1 | lowlatency, generic | | 4.15.0-1038.43 | 58.1 | oem | | 4.15.0-1039.41 | 58.1 | aws | | 4.15.0-1039.44 | 58.1 | oem | | 4.15.0-1040.42 | 58.1 | aws | | 4.15.0-1041.43 | 58.1 | aws | | 4.15.0-1043.45 | 58.1 | aws | | 4.15.0-1043.48 | 58.1 | oem | | 4.15.0-1044.46 | 58.1 | aws | | 4.15.0-1045.47 | 58.1 | aws | | 4.15.0-1045.50 | 58.1 | oem | | 4.15.0-1047.49 | 58.1 | aws | | 4.15.0-1047.51 | 58.1 | azure | | 4.15.0-1048.50 | 58.1 | aws | | 4.15.0-1049.54 | 58.1 | azure | | 4.15.0-1050.52 | 58.1 | aws | | 4.15.0-1050.55 | 58.1 | azure | | 4.15.0-1050.57 | 58.1 | oem | | 4.15.0-1051.53 | 58.1 | aws | | 4.15.0-1051.56 | 58.1 | azure | | 4.15.0-1052.57 | 58.1 | azure | | 4.15.0-1055.60 | 58.1 | azure | | 4.15.0-1056.61 | 58.1 | azure | | 4.15.0-1056.65 | 58.1 | oem | | 4.15.0-1057.62 | 58.1 | azure | | 4.15.0-1057.66 | 58.1 | oem | | 4.15.0-1059.64 | 58.1 | azure | | 5.0.0-1014.14~18.04.1 | 58.1 | azure | | 5.0.0-1016.17~18.04.1 | 58.1 | azure | | 5.0.0-1018.19~18.04.1 | 58.1 | azure | | 5.0.0-1020.21~18.04.1 | 58.1 | azure | Support Information: Kernels older than the levels listed below do not receive livepatch updates. Please upgrade your kernel as soon as possible. | Series | Version | Flavors | |------------------+------------------+--------------------------| | Ubuntu 18.04 LTS | 4.15.0-1039 | aws | | Ubuntu 16.04 LTS | 4.4.0-1083 | aws | | Ubuntu 18.04 LTS | 5.0.0-1000 | azure | | Ubuntu 16.04 LTS | 4.15.0-1047 | azure | | Ubuntu 18.04 LTS | 4.15.0-50 | generic lowlatency | | Ubuntu 16.04 LTS | 4.15.0-50 | generic lowlatency | | Ubuntu 14.04 LTS | 4.4.0-148 | generic lowlatency | | Ubuntu 18.04 LTS | 4.15.0-1038 | oem | | Ubuntu 16.04 LTS | 4.4.0-148 | generic lowlatency | References: CVE-2016-10905, CVE-2018-20856, CVE-2018-20961, CVE-2018-20976, CVE-2018-21008, CVE-2019-0136, CVE-2019-2054, CVE-2019-2181, CVE-2019-3846, CVE-2019-10126, CVE-2019-10207, CVE-2019-11477, CVE-2019-11478, CVE-2019-11833, CVE-2019-12614, CVE-2019-14283, CVE-2019-14284, CVE-2019-14814, CVE-2019-14815, CVE-2019-14816, CVE-2019-14821, CVE-2019-14835 -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.199/*: Upgraded. These updates fix various bugs and security issues. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 4.4.191: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3900 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15118 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10905 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10638 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15117 Fixed in 4.4.193: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14835 Fixed in 4.4.194: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14816 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14814 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15505 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14821 Fixed in 4.4.195: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17053 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17052 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17056 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17055 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17054 Fixed in 4.4.196: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2215 Fixed in 4.4.197: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16746 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20976 Fixed in 4.4.198: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17075 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17133 Fixed in 4.4.199: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15098 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199_smp-noarch-1.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199-noarch-1.txz MD5 signatures: +-------------+ Slackware 14.2 packages: 0e523f42e759ecc2399f36e37672f110 kernel-generic-4.4.199-i586-1.txz ee6451f5362008b46fee2e08e3077b21 kernel-generic-smp-4.4.199_smp-i686-1.txz a8338ef88f2e3ea9c74d564c36ccd420 kernel-headers-4.4.199_smp-x86-1.txz cd9e9c241e4eec2fba1dae658a28870e kernel-huge-4.4.199-i586-1.txz 842030890a424023817d42a83a86a7f4 kernel-huge-smp-4.4.199_smp-i686-1.txz 257db024bb4501548ac9118dbd2d9ae6 kernel-modules-4.4.199-i586-1.txz 96377cbaf7bca55aaca70358c63151a7 kernel-modules-smp-4.4.199_smp-i686-1.txz 0673e86466f9e624964d95107cf6712f kernel-source-4.4.199_smp-noarch-1.txz Slackware x86_64 14.2 packages: 6d1ff428e7cad6caa8860acc402447a1 kernel-generic-4.4.199-x86_64-1.txz dadc091dc725b8227e0d1e35098d6416 kernel-headers-4.4.199-x86-1.txz f5f4c034203f44dd1513ad3504c42515 kernel-huge-4.4.199-x86_64-1.txz a5337cd8b2ca80d4d93b9e9688e42b03 kernel-modules-4.4.199-x86_64-1.txz 5dd6e46c04f37b97062dc9e52cc38add kernel-source-4.4.199-noarch-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg kernel-*.txz If you are using an initrd, you'll need to rebuild it. For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199-smp | bash For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199 | bash Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 4.4.199-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 4.4.199 as the version. If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly prepared before rebooting. If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader. If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2019:2863-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2863 Issue date: 2019-09-23 CVE Names: CVE-2019-14835 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. (CVE-2019-14835) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1750727 - CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: kernel-2.6.32-754.23.1.el6.src.rpm i386: kernel-2.6.32-754.23.1.el6.i686.rpm kernel-debug-2.6.32-754.23.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm kernel-devel-2.6.32-754.23.1.el6.i686.rpm kernel-headers-2.6.32-754.23.1.el6.i686.rpm perf-2.6.32-754.23.1.el6.i686.rpm perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-754.23.1.el6.noarch.rpm kernel-doc-2.6.32-754.23.1.el6.noarch.rpm kernel-firmware-2.6.32-754.23.1.el6.noarch.rpm x86_64: kernel-2.6.32-754.23.1.el6.x86_64.rpm kernel-debug-2.6.32-754.23.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm kernel-devel-2.6.32-754.23.1.el6.x86_64.rpm kernel-headers-2.6.32-754.23.1.el6.x86_64.rpm perf-2.6.32-754.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm python-perf-2.6.32-754.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm python-perf-2.6.32-754.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: kernel-2.6.32-754.23.1.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-754.23.1.el6.noarch.rpm kernel-doc-2.6.32-754.23.1.el6.noarch.rpm kernel-firmware-2.6.32-754.23.1.el6.noarch.rpm x86_64: kernel-2.6.32-754.23.1.el6.x86_64.rpm kernel-debug-2.6.32-754.23.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm kernel-devel-2.6.32-754.23.1.el6.x86_64.rpm kernel-headers-2.6.32-754.23.1.el6.x86_64.rpm perf-2.6.32-754.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm python-perf-2.6.32-754.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: kernel-2.6.32-754.23.1.el6.src.rpm i386: kernel-2.6.32-754.23.1.el6.i686.rpm kernel-debug-2.6.32-754.23.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm kernel-devel-2.6.32-754.23.1.el6.i686.rpm kernel-headers-2.6.32-754.23.1.el6.i686.rpm perf-2.6.32-754.23.1.el6.i686.rpm perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-754.23.1.el6.noarch.rpm kernel-doc-2.6.32-754.23.1.el6.noarch.rpm kernel-firmware-2.6.32-754.23.1.el6.noarch.rpm ppc64: kernel-2.6.32-754.23.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-754.23.1.el6.ppc64.rpm kernel-debug-2.6.32-754.23.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-754.23.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-754.23.1.el6.ppc64.rpm kernel-devel-2.6.32-754.23.1.el6.ppc64.rpm kernel-headers-2.6.32-754.23.1.el6.ppc64.rpm perf-2.6.32-754.23.1.el6.ppc64.rpm perf-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm s390x: kernel-2.6.32-754.23.1.el6.s390x.rpm kernel-debug-2.6.32-754.23.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.s390x.rpm kernel-debug-devel-2.6.32-754.23.1.el6.s390x.rpm kernel-debuginfo-2.6.32-754.23.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-754.23.1.el6.s390x.rpm kernel-devel-2.6.32-754.23.1.el6.s390x.rpm kernel-headers-2.6.32-754.23.1.el6.s390x.rpm kernel-kdump-2.6.32-754.23.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-754.23.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-754.23.1.el6.s390x.rpm perf-2.6.32-754.23.1.el6.s390x.rpm perf-debuginfo-2.6.32-754.23.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.s390x.rpm x86_64: kernel-2.6.32-754.23.1.el6.x86_64.rpm kernel-debug-2.6.32-754.23.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm kernel-devel-2.6.32-754.23.1.el6.x86_64.rpm kernel-headers-2.6.32-754.23.1.el6.x86_64.rpm perf-2.6.32-754.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm python-perf-2.6.32-754.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-754.23.1.el6.ppc64.rpm perf-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm python-perf-2.6.32-754.23.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-754.23.1.el6.s390x.rpm kernel-debuginfo-2.6.32-754.23.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-754.23.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-754.23.1.el6.s390x.rpm perf-debuginfo-2.6.32-754.23.1.el6.s390x.rpm python-perf-2.6.32-754.23.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm python-perf-2.6.32-754.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: kernel-2.6.32-754.23.1.el6.src.rpm i386: kernel-2.6.32-754.23.1.el6.i686.rpm kernel-debug-2.6.32-754.23.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm kernel-devel-2.6.32-754.23.1.el6.i686.rpm kernel-headers-2.6.32-754.23.1.el6.i686.rpm perf-2.6.32-754.23.1.el6.i686.rpm perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-754.23.1.el6.noarch.rpm kernel-doc-2.6.32-754.23.1.el6.noarch.rpm kernel-firmware-2.6.32-754.23.1.el6.noarch.rpm x86_64: kernel-2.6.32-754.23.1.el6.x86_64.rpm kernel-debug-2.6.32-754.23.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm kernel-debug-devel-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm kernel-devel-2.6.32-754.23.1.el6.x86_64.rpm kernel-headers-2.6.32-754.23.1.el6.x86_64.rpm perf-2.6.32-754.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: kernel-debug-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-2.6.32-754.23.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-754.23.1.el6.i686.rpm perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm python-perf-2.6.32-754.23.1.el6.i686.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-754.23.1.el6.x86_64.rpm perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm python-perf-2.6.32-754.23.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-754.23.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-14835 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kernel-vhost 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXYiPr9zjgjWX9erEAQjN1A/+IHOdg8Beicp8yr78sUumJ7+hE87hxu0f TCubCbjezezlvYlEfTcCz0nCF6HvcETrxNA6yj70lVLL6zc/ink1/EV7IaIis4f7 pQ5eO6pc8d0jm0x4k5y5Kjif0bxROUJeSvuI6p3nfhDZkXH5rswlfZC3/GlzVrpY CJWDWWYdcOlK6KYCai/AZTPVGL2qOvtIma7tbYfhXyyexk48S/mYIgwVKyH2MYG/ sYVoZQRuq9cT9Obl0y/O9LcG3RJ6+JAhC5+FvU3zcbndT+32SEeKKlmbSSEYuFmE SFRRWDiZX1uhElW/K7nYrRTN87bJZ0wgIOvXauQmWMwS1NAuelQIqOQ3NAXG8oYz A/wOPkILOHI352z8/Dm+p/Po6Ql/PUPZBT+GYmLv+Mju0pckg/7OLLqHqFUGwEey J0rSl9OaePNyOmUdPYOAOKPrwRnLHArG3kSKzLDnW2T1MQX0/51tDgasxptS1ekQ S8mvrKJoqc7Vlghx3jZ854/Uegx6J7eUlQmuSWvZGAM6sR9826TzpQHag2am1sUt JtAjh9Zv4f+C292ltjLRtp2zuKmYQNcDCl8NoustAi7SXvYcAYr5uSXDMc+BajIa MY2jtvyVIyGHpf4jkoDBtTLtmhIyhU+fs1MEF9SI0nvbveqMMzJFXXs6ExOy0OBI 1XpQhVd4g6E=hfEj -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The following packages have been upgraded to a later upstream version: redhat-release-virtualization-host (4.2), redhat-virtualization-host (4.2). 7.2) - noarch, x86_64 3. (CVE-2019-14835) * kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * fs deadlock when a memory allocation waits on page writeback in NOFS context (BZ#1729103) * fragmented packets timing out (BZ#1729409) * kernel build: speed up debuginfo extraction (BZ#1731460) * use "make -jN" for modules_install (BZ#1735079) * shmem: consider shm_mnt as a long-term mount (BZ#1737374) * raid1d can hang in freeze_array if handling a mix of read and write errors (BZ#1737792) * Backport TCP follow-up for small buffers (BZ#1739125) 4. 7) - ppc64le, x86_64 3. Description: This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3

Trust: 1.98

sources: NVD: CVE-2019-14835 // VULHUB: VHN-146821 // PACKETSTORM: 154602 // PACKETSTORM: 154585 // PACKETSTORM: 154608 // PACKETSTORM: 154951 // PACKETSTORM: 155212 // PACKETSTORM: 154569 // PACKETSTORM: 154563 // PACKETSTORM: 154659 // PACKETSTORM: 154607 // PACKETSTORM: 154558 // PACKETSTORM: 154539

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:ltversion:3.16.74

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:19.04

Trust: 1.0

vendor:netappmodel:h300sscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.4

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.0

Trust: 1.0

vendor:huaweimodel:imanager neteco 6000scope:eqversion:v600r008c20

Trust: 1.0

vendor:netappmodel:service processorscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.19

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.2

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.7

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.9

Trust: 1.0

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:12.04

Trust: 1.0

vendor:huaweimodel:imanager netecoscope:eqversion:v600r009c00

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.6

Trust: 1.0

vendor:huaweimodel:imanager netecoscope:eqversion:v600r009c10spc200

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7.0

Trust: 1.0

vendor:huaweimodel:manageonescope:eqversion:6.5.0

Trust: 1.0

vendor:netappmodel:h300escope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.5

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.2

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.0

Trust: 1.0

vendor:netappmodel:h700escope:eqversion: -

Trust: 1.0

vendor:netappmodel:h500sscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux for real timescope:eqversion:8

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.3

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.6

Trust: 1.0

vendor:redhatmodel:openshift container platformscope:eqversion:3.11

Trust: 1.0

vendor:netappmodel:aff a700sscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:8.0

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.14

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.19.73

Trust: 1.0

vendor:huaweimodel:manageonescope:eqversion:6.5.1rc1.b080

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.7

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.6

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:6.0

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion:5.3

Trust: 1.0

vendor:redhatmodel:virtualizationscope:eqversion:4.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.14.144

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.6

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.4

Trust: 1.0

vendor:netappmodel:data availability servicesscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.9.193

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:netappmodel:h410cscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:29

Trust: 1.0

vendor:netappmodel:h500escope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.4.193

Trust: 1.0

vendor:netappmodel:solidfirescope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.3

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:2.6.34

Trust: 1.0

vendor:netappmodel:h410sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h610sscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux for real timescope:eqversion:7

Trust: 1.0

vendor:huaweimodel:manageonescope:eqversion:6.5.1rc1.b060

Trust: 1.0

vendor:huaweimodel:manageonescope:eqversion:6.5.0.spc100.b210

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:30

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6.0

Trust: 1.0

vendor:huaweimodel:manageonescope:eqversion:6.5.rc2.b050

Trust: 1.0

vendor:redhatmodel:virtualization hostscope:eqversion:4.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.2

Trust: 1.0

vendor:netappmodel:h700sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:hci management nodescope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.7

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.6

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.2.15

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.4

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.5

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.1

Trust: 1.0

vendor:huaweimodel:imanager neteco 6000scope:eqversion:v600r008c10spc300

Trust: 1.0

sources: NVD: CVE-2019-14835

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-14835
value: HIGH

Trust: 1.0

secalert@redhat.com: CVE-2019-14835
value: HIGH

Trust: 1.0

VULHUB: VHN-146821
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-14835
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-146821
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-14835
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

secalert@redhat.com: CVE-2019-14835
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.6
impactScore: 6.0
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-146821 // NVD: CVE-2019-14835 // NVD: CVE-2019-14835

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.1

sources: VULHUB: VHN-146821 // NVD: CVE-2019-14835

THREAT TYPE

local

Trust: 0.1

sources: PACKETSTORM: 154951

TYPE

overflow

Trust: 0.9

sources: PACKETSTORM: 154602 // PACKETSTORM: 154585 // PACKETSTORM: 154608 // PACKETSTORM: 154569 // PACKETSTORM: 154563 // PACKETSTORM: 154659 // PACKETSTORM: 154607 // PACKETSTORM: 154558 // PACKETSTORM: 154539

EXTERNAL IDS

db:NVDid:CVE-2019-14835

Trust: 2.2

db:PACKETSTORMid:155212

Trust: 1.2

db:PACKETSTORMid:154951

Trust: 1.2

db:PACKETSTORMid:154572

Trust: 1.1

db:OPENWALLid:OSS-SECURITY/2019/10/03/1

Trust: 1.1

db:OPENWALLid:OSS-SECURITY/2019/10/09/7

Trust: 1.1

db:OPENWALLid:OSS-SECURITY/2019/09/24/1

Trust: 1.1

db:OPENWALLid:OSS-SECURITY/2019/10/09/3

Trust: 1.1

db:OPENWALLid:OSS-SECURITY/2019/09/17/1

Trust: 1.1

db:PACKETSTORMid:154539

Trust: 0.2

db:PACKETSTORMid:154602

Trust: 0.2

db:PACKETSTORMid:154563

Trust: 0.2

db:PACKETSTORMid:154558

Trust: 0.2

db:PACKETSTORMid:154585

Trust: 0.2

db:PACKETSTORMid:154659

Trust: 0.2

db:PACKETSTORMid:154569

Trust: 0.2

db:PACKETSTORMid:154538

Trust: 0.1

db:PACKETSTORMid:154513

Trust: 0.1

db:PACKETSTORMid:154570

Trust: 0.1

db:PACKETSTORMid:154562

Trust: 0.1

db:PACKETSTORMid:154514

Trust: 0.1

db:PACKETSTORMid:154566

Trust: 0.1

db:PACKETSTORMid:154564

Trust: 0.1

db:PACKETSTORMid:154540

Trust: 0.1

db:PACKETSTORMid:154565

Trust: 0.1

db:PACKETSTORMid:154541

Trust: 0.1

db:CNNVDid:CNNVD-201909-807

Trust: 0.1

db:VULHUBid:VHN-146821

Trust: 0.1

db:PACKETSTORMid:154608

Trust: 0.1

db:PACKETSTORMid:154607

Trust: 0.1

sources: VULHUB: VHN-146821 // PACKETSTORM: 154602 // PACKETSTORM: 154585 // PACKETSTORM: 154608 // PACKETSTORM: 154951 // PACKETSTORM: 155212 // PACKETSTORM: 154569 // PACKETSTORM: 154563 // PACKETSTORM: 154659 // PACKETSTORM: 154607 // PACKETSTORM: 154558 // PACKETSTORM: 154539 // NVD: CVE-2019-14835

REFERENCES

url:https://access.redhat.com/errata/rhsa-2019:2827

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2019:2854

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2019:2863

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2019:2869

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2019:2889

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2019:2899

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2019:2900

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2019:2901

Trust: 1.2

url:https://access.redhat.com/errata/rhsa-2019:2924

Trust: 1.2

url:https://seclists.org/bugtraq/2019/sep/41

Trust: 1.1

url:https://seclists.org/bugtraq/2019/nov/11

Trust: 1.1

url:https://www.debian.org/security/2019/dsa-4531

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/yw3qnmpenpfegvtofpsnobl7jeijs25p/

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/kqfy6jyfiq2vfq7qcsxpwtul5zdncjl5/

Trust: 1.1

url:https://access.redhat.com/errata/rhba-2019:2824

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:2828

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:2829

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:2830

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:2862

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:2864

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:2865

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:2866

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2019:2867

Trust: 1.1

url:https://usn.ubuntu.com/4135-1/

Trust: 1.1

url:https://usn.ubuntu.com/4135-2/

Trust: 1.1

url:https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html

Trust: 1.1

url:https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html

Trust: 1.1

url:http://www.openwall.com/lists/oss-security/2019/09/24/1

Trust: 1.1

url:http://www.openwall.com/lists/oss-security/2019/10/03/1

Trust: 1.1

url:http://www.openwall.com/lists/oss-security/2019/10/09/3

Trust: 1.1

url:http://www.openwall.com/lists/oss-security/2019/10/09/7

Trust: 1.1

url:http://packetstormsecurity.com/files/154572/kernel-live-patch-security-notice-lsn-0056-1.html

Trust: 1.1

url:http://packetstormsecurity.com/files/154951/kernel-live-patch-security-notice-lsn-0058-1.html

Trust: 1.1

url:http://packetstormsecurity.com/files/155212/slackware-security-advisory-slackware-14.2-kernel-updates.html

Trust: 1.1

url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en

Trust: 1.1

url:https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-14835

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20191031-0005/

Trust: 1.1

url:https://www.openwall.com/lists/oss-security/2019/09/17/1

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14835

Trust: 1.1

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.9

url:https://access.redhat.com/security/vulnerabilities/kernel-vhost

Trust: 0.9

url:https://access.redhat.com/security/cve/cve-2019-14835

Trust: 0.9

url:https://bugzilla.redhat.com/):

Trust: 0.9

url:https://access.redhat.com/security/team/key/

Trust: 0.9

url:https://access.redhat.com/security/team/contact/

Trust: 0.9

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.9

url:https://access.redhat.com/articles/11258

Trust: 0.7

url:https://access.redhat.com/articles/2974891

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-1125

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-1125

Trust: 0.2

url:https://access.redhat.com/articles/4329821

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14821

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-10905

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14816

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-20976

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14814

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14815

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-20856

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11478

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-2181

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-10207

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11477

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-3846

Trust: 0.1

url:https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-12614

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-21008

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-10126

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14284

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14283

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11833

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-2054

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-0136

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-20961

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14835

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2215

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17054

Trust: 0.1

url:http://slackware.com

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-16746

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17055

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17075

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-15118

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17053

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10906

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-10906

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-20976

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17052

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15117

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17133

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14816

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-15505

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15098

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-16746

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17054

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-2215

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15118

Trust: 0.1

url:http://slackware.com/gpg-key

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10905

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17056

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3900

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-15117

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17056

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14821

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10638

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-15098

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17075

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17053

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-3900

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-10638

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17055

Trust: 0.1

url:http://osuosl.org)

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14814

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17133

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15505

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-17052

Trust: 0.1

sources: VULHUB: VHN-146821 // PACKETSTORM: 154602 // PACKETSTORM: 154585 // PACKETSTORM: 154608 // PACKETSTORM: 154951 // PACKETSTORM: 155212 // PACKETSTORM: 154569 // PACKETSTORM: 154563 // PACKETSTORM: 154659 // PACKETSTORM: 154607 // PACKETSTORM: 154558 // PACKETSTORM: 154539 // NVD: CVE-2019-14835

CREDITS

Red Hat

Trust: 0.9

sources: PACKETSTORM: 154602 // PACKETSTORM: 154585 // PACKETSTORM: 154608 // PACKETSTORM: 154569 // PACKETSTORM: 154563 // PACKETSTORM: 154659 // PACKETSTORM: 154607 // PACKETSTORM: 154558 // PACKETSTORM: 154539

SOURCES

db:VULHUBid:VHN-146821
db:PACKETSTORMid:154602
db:PACKETSTORMid:154585
db:PACKETSTORMid:154608
db:PACKETSTORMid:154951
db:PACKETSTORMid:155212
db:PACKETSTORMid:154569
db:PACKETSTORMid:154563
db:PACKETSTORMid:154659
db:PACKETSTORMid:154607
db:PACKETSTORMid:154558
db:PACKETSTORMid:154539
db:NVDid:CVE-2019-14835

LAST UPDATE DATE

2025-09-03T20:50:39.229000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-146821date:2023-02-12T00:00:00
db:NVDid:CVE-2019-14835date:2024-11-21T04:27:27.790

SOURCES RELEASE DATE

db:VULHUBid:VHN-146821date:2019-09-17T00:00:00
db:PACKETSTORMid:154602date:2019-09-25T17:55:27
db:PACKETSTORMid:154585date:2019-09-24T17:05:22
db:PACKETSTORMid:154608date:2019-09-25T18:06:56
db:PACKETSTORMid:154951date:2019-10-23T18:32:10
db:PACKETSTORMid:155212date:2019-11-08T15:37:19
db:PACKETSTORMid:154569date:2019-09-23T18:26:57
db:PACKETSTORMid:154563date:2019-09-23T18:25:56
db:PACKETSTORMid:154659date:2019-09-30T04:44:44
db:PACKETSTORMid:154607date:2019-09-25T18:06:46
db:PACKETSTORMid:154558date:2019-09-21T18:10:56
db:PACKETSTORMid:154539date:2019-09-20T14:57:46
db:NVDid:CVE-2019-14835date:2019-09-17T16:15:10.980