VARIoT IoT vulnerabilities database

Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0 may allow a privileged user to potentially enable denial of service via local access. Intel(R) SPS Has unspecified vulnerabilities.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Server Platform Services (SPS) is a server platform service program of Intel Corporation. Security vulnerabilities exist in the subsystems of Intel SPS versions prior to SPS_E5_04.01.04.275.0, SPS_SoC-X_04.00.04.100.0 and SPS_SoC-A_04.00.04.191.0. A local attacker could exploit this vulnerability to cause a denial of service

Insufficient access control in hardware abstraction driver for MEInfo software for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for Intel(R) TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before; INTEL-SA-00125 Detection Tool version 1.0.45.0 or before may allow an authenticated user to potentially enable escalation of privilege via local access. plural Intel There are unspecified vulnerabilities in the product.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Converged Security and Management Engine (CSME) and others are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). INTEL-SA-00086 Detection Tool is a detection tool for detecting INTEL-SA-00086 security issues. A security vulnerability exists in several Intel products. The vulnerability is caused by the program's insufficient access control. A local attacker could exploit this vulnerability to elevate privileges. The following products and versions are affected: Intel CSME before 11.8.70, before 11.11.70, before 11.22.70, before 12.0.45, before 13.0.0, before 14.0.10; Intel TXE 3.1.70 Previous versions, versions before 4.0.20; INTEL-SA-00086 Detection Tool 1.2.7.0 and earlier versions; INTEL-SA-00125 Detection Tool 1.0.45.0 and earlier versions

Authentication bypass in the subsystem for Intel(R) CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.10 and 14.0.10; Intel(R) TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access. Intel(R) CSME and TXE Contains an authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). Security vulnerabilities exist in subsystems in Intel CSME and Intel TXE. A local attacker could exploit this vulnerability to bypass authentication and elevate privileges. The following products and versions are affected: Intel CSME before 11.8.70, before 11.11.70, before 11.22.70, before 12.0.45, before 13.0.10, before 14.0.10; Intel TXE 3.1.70 Previous versions, versions before 4.0.20

Cross site scripting in subsystem in Intel(R) AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow a privileged user to potentially enable escalation of privilege via network access. Intel(R) AMT Contains a cross-site scripting vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Active Management Technology (AMT) is a set of hardware-based computer remote active management technology software developed by Intel Corporation. A subsystem in Intel AMT has a cross-site scripting vulnerability. An attacker could exploit this vulnerability to elevate privileges. The following products and versions are affected: Intel AMT versions prior to 11.8.70, versions prior to 11.11.70, versions prior to 11.22.70, and versions prior to 12.0.45

Insufficient input validation in subsystem for Intel(R) CSME before versions 12.0.45 and 13.0.10 may allow a privileged user to potentially enable escalation of privilege via local access. Intel(R) CSME Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Converged Security and Management Engine (CSME) is a security management engine of Intel Corporation. A security vulnerability exists in the subsystems of Intel CSME prior to 12.0.45 and prior to 13.0.10 due to insufficient input validation. A local attacker could exploit this vulnerability to elevate privileges

A potential vulnerability in the SMI callback function used in Legacy USB driver using passed parameter without sufficient checking in some Lenovo ThinkPad models may allow arbitrary code execution. plural Lenovo ThinkPad The product contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state

Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access. Intel(R) Graphics Driver Contains a buffer error vulnerability.Information may be obtained. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A local attacker could exploit this vulnerability to obtain sensitive information

Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) Graphics Driver Contains a privilege management vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in the Kernel Mode Driver in Intel Graphics Drivers versions prior to 26.20.100.6813 (DCH) or versions prior to 26.20.100.6812. A local attacker could exploit this vulnerability to elevate privileges

Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) Graphics Driver Is NULL A vulnerability related to pointer dereference exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A code issue vulnerability exists in the Unified Shader Compiler in versions prior to Intel Graphics Drivers 10.18.14.5074. A local attacker could exploit this vulnerability to elevate privileges

Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Driver Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A local attacker could exploit this vulnerability to cause a denial of service

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access. plural Intel The product contains a privilege management vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. A security vulnerability exists in the Intel graphics hardware (GPU) due to the program's inadequate access controls. ========================================================================== Ubuntu Security Notice USN-4184-1 November 13, 2019 linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-oem-osp1, linux-oracle, linux-raspi2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-gke-5.0: Linux kernel for Google Container Engine (GKE) systems - linux-hwe: Linux hardware enablement (HWE) kernel - linux-oem-osp1: Linux kernel for OEM processors Details: Stephan van Schaik, Alyssa Milburn, Sebastian \xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207) It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154) Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098) Jann Horn discovered a reference count underflow in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15791) Jann Horn discovered a type confusion vulnerability in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15792) Jann Horn discovered that the shiftfs implementation in the Linux kernel did not use the correct file system uid/gid when the user namespace of a lower file system is not in the init user namespace. A local attacker could use this to possibly bypass DAC permissions or have some other unspecified impact. (CVE-2019-15793) Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052) Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053) Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054) Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055) Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056) Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: linux-image-5.0.0-1007-oracle 5.0.0-1007.12 linux-image-5.0.0-1021-aws 5.0.0-1021.24 linux-image-5.0.0-1022-kvm 5.0.0-1022.24 linux-image-5.0.0-1022-raspi2 5.0.0-1022.23 linux-image-5.0.0-1025-azure 5.0.0-1025.27 linux-image-5.0.0-1025-gcp 5.0.0-1025.26 linux-image-5.0.0-35-generic 5.0.0-35.38 linux-image-5.0.0-35-generic-lpae 5.0.0-35.38 linux-image-5.0.0-35-lowlatency 5.0.0-35.38 linux-image-aws 5.0.0.1021.23 linux-image-azure 5.0.0.1025.25 linux-image-gcp 5.0.0.1025.50 linux-image-generic 5.0.0.35.37 linux-image-generic-lpae 5.0.0.35.37 linux-image-gke 5.0.0.1025.50 linux-image-kvm 5.0.0.1022.23 linux-image-lowlatency 5.0.0.35.37 linux-image-oracle 5.0.0.1007.33 linux-image-raspi2 5.0.0.1022.20 linux-image-virtual 5.0.0.35.37 Ubuntu 18.04 LTS: linux-image-5.0.0-1025-azure 5.0.0-1025.27~18.04.1 linux-image-5.0.0-1025-gcp 5.0.0-1025.26~18.04.1 linux-image-5.0.0-1025-gke 5.0.0-1025.26~18.04.1 linux-image-5.0.0-1027-oem-osp1 5.0.0-1027.31 linux-image-5.0.0-35-generic 5.0.0-35.38~18.04.1 linux-image-5.0.0-35-generic-lpae 5.0.0-35.38~18.04.1 linux-image-5.0.0-35-lowlatency 5.0.0-35.38~18.04.1 linux-image-azure 5.0.0.1025.36 linux-image-gcp 5.0.0.1025.29 linux-image-generic-hwe-18.04 5.0.0.35.93 linux-image-generic-lpae-hwe-18.04 5.0.0.35.93 linux-image-gke-5.0 5.0.0.1025.14 linux-image-lowlatency-hwe-18.04 5.0.0.35.93 linux-image-oem-osp1 5.0.0.1027.31 linux-image-snapdragon-hwe-18.04 5.0.0.35.93 linux-image-virtual-hwe-18.04 5.0.0.35.93 Please note that mitigating the TSX (CVE-2019-11135) and i915 (CVE-2019-0154) issues requires corresponding microcode and graphics firmware updates respectively. After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://usn.ubuntu.com/4184-1 CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135, CVE-2019-15098, CVE-2019-15791, CVE-2019-15792, CVE-2019-15793, CVE-2019-17052, CVE-2019-17053, CVE-2019-17054, CVE-2019-17055, CVE-2019-17056, CVE-2019-17666, https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/TAA_MCEPSC_i915 Package Information: https://launchpad.net/ubuntu/+source/linux/5.0.0-35.38 https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1021.24 https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1025.27 https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1025.26 https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1022.24 https://launchpad.net/ubuntu/+source/linux-oracle/5.0.0-1007.12 https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1022.23 https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1025.27~18.04.1 https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1025.26~18.04.1 https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1025.26~18.04.1 https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-35.38~18.04.1 https://launchpad.net/ubuntu/+source/linux-oem-osp1/5.0.0-1027.31 . Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. 7.4) - noarch, x86_64 3. Also, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update addresses both issues. We apologize for the inconvenience. 7.6) - ppc64, ppc64le, x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2019:3872-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3872 Issue date: 2019-11-13 CVE Names: CVE-2019-0155 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. 5. Bugs fixed (https://bugzilla.redhat.com/): 1724398 - CVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-1062.4.3.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm perf-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-1062.4.3.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm perf-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-1062.4.3.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm ppc64: bpftool-3.10.0-1062.4.3.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-3.10.0-1062.4.3.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debug-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.4.3.el7.ppc64.rpm kernel-devel-3.10.0-1062.4.3.el7.ppc64.rpm kernel-headers-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.ppc64.rpm perf-3.10.0-1062.4.3.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm python-perf-3.10.0-1062.4.3.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm ppc64le: bpftool-3.10.0-1062.4.3.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debug-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-devel-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-headers-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.ppc64le.rpm perf-3.10.0-1062.4.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm python-perf-3.10.0-1062.4.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm s390x: bpftool-3.10.0-1062.4.3.el7.s390x.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm kernel-3.10.0-1062.4.3.el7.s390x.rpm kernel-debug-3.10.0-1062.4.3.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.s390x.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1062.4.3.el7.s390x.rpm kernel-devel-3.10.0-1062.4.3.el7.s390x.rpm kernel-headers-3.10.0-1062.4.3.el7.s390x.rpm kernel-kdump-3.10.0-1062.4.3.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm kernel-kdump-devel-3.10.0-1062.4.3.el7.s390x.rpm perf-3.10.0-1062.4.3.el7.s390x.rpm perf-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm python-perf-3.10.0-1062.4.3.el7.s390x.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm x86_64: bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm perf-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bpftool-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm ppc64le: bpftool-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm x86_64: bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-1062.4.3.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm perf-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXcxRUNzjgjWX9erEAQi5Yg//WF/xcoOzOw9jzwdqE1SsG5n/lwSjyQS2 PFTfDJL21oGdbx0x1Z3j/RlNz5JHYQ6WVf3OQYkjet71edQrVRMy2/uJGtmHUIng dyBqZA6JBUkYxm/OqgxV+F5oH/px01dnIdKLus2Qb7p6CPJegTVz0++6U0MIUlPs d0Q08EqmBvSqznpsOA0DeQkt+Lxp29CqzkTv3f+aFdrRBoUYJkMRS3JPG0NBBo14 ZWMv1ifhikR5SRPDGYyeXaIhn/KrOJDMAkYeMhikV5YEnSdyYqePgVuE51GJjvmz 3X6zgvOWe6+XAH4jy+llCEDwpwLRbbDB6wY1llZzECEdT+Dpr0lg3cFDjVrv3y+6 w812DuXMwX/MbSSK1Vn+KHkpm2z/OM8zQw0fdpXTSd1sbuYjmlqnjlHibhiB9Xl3 sxUJ5cr91KdYAMFAV4n7n3KeAME0H+3dj8ukxEfAe4culu1hrO4SDYXmBx+QhijJ Yt/Io/sNU6Qybni7rc/lmwgRpKA/0ajLeDznnuhrCXcM5twfnRudbOYfQ6YZh2+Y WxiVuuNUN5BJAInozVWGv+B9AxX3MBorEGBVyQlX9nVrlymFPFzsNxr9UEbWpQo5 rFBST2oBfHpCrdbOL2/DRdIpd4IXCfpk0C35cOoyfZvYg2JDY2fhGvsOvUZDSqED B2RjnqNVpjA= =BPLV -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 8) - aarch64, noarch, ppc64le, s390x, x86_64 3

Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Driver Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A local attacker could exploit this vulnerability to cause a denial of service

Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. Intel(R) Graphics Driver Contains an information disclosure vulnerability.Information may be obtained. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A local attacker could exploit this vulnerability to obtain sensitive information

Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Driver Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A buffer error vulnerability exists in the subsystem in Intel Graphics Drivers prior to 26.20.100.7209. A local attacker could exploit this vulnerability to cause a denial of service

Hikvision is a video-centric IoT solution provider, providing integrated security, smart business and big data services. Hikvision backup management server has an unauthorized access vulnerability, which can be used by an attacker to log in to the system without authorization.

Certain D-Link devices have a hardcoded Alphanetworks user account with TELNET access because of /etc/config/image_sign or /etc/alpha_config/image_sign. This affects DIR-600 B1 V2.01 for WW, DIR-890L A1 v1.03, DIR-615 J1 v100 (for DCN), DIR-645 A1 v1.03, DIR-815 A1 v1.01, DIR-823 A1 v1.01, and DIR-842 C1 v3.00. plural D-Link The device is vulnerable to the use of hard-coded credentials.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. D-Link DIR-600 B1 and so on are all wireless routers from D-Link of Taiwan, China. A vulnerability management management vulnerability exists in several D-Link products. The vulnerability stems from a program with a hard-coded account that an attacker can use to obtain a remote /bin/sh shell and execute commands

WSO2 IS as Key Manager 5.7.0 allows unauthenticated reflected XSS in the dashboard user profile. WSO2 IS as Key Manager Contains a cross-site scripting vulnerability.Information may be obtained and information may be altered. WSO2 Identity Server (IS) is an identity authentication server of the American WSO2 company. A cross-site scripting vulnerability exists in WSO2 IS version 5.7.0. The vulnerability stems from the lack of proper validation of client data by web applications. An attacker could use this vulnerability to execute client code

The streaming media server is the core system of the streaming media application and the key platform for operators to provide video services to users. The main function of the streaming media server is to collect, cache, schedule, transmit and play streaming media content. A weak password vulnerability exists in the streaming media management server, and an attacker can use this vulnerability to obtain sensitive information.

Race condition in subsystem for Intel(R) CSME versions before 12.0.70 and 14.0.45, Intel(R) SPS versions before E5_04.01.04.400 and E3_05.01.04.200 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. Intel(R) CSME and SPS Is vulnerable to a race condition.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state

A potential vulnerability in the SMI callback function used in the VariableServiceSmm driver in some Lenovo Notebook models may allow arbitrary code execution. Part of Lenovo There are unspecified vulnerabilities in notebooks.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state