Errata ALT-PU-2019-2779-1: Information
Package name: kernel-image-std-def
Version: 4.4.194-alt0.M70C.1
Bulletin updated: Sept. 25, 2019
Task: #237953
Fixes
Published: April 24, 2019
BDU:2019-03630
Уязвимость модуля vhost_net ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5) Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 11, 2019
BDU:2019-04676
Уязвимость ядра Linux, связанная с переполнения буфера виртуальной памяти, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 18, 2019
BDU:2019-04677
Уязвимость функции Coalesced_MMIO ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность
Severity: HIGH (8.8) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Links:
Published: Sept. 4, 2019
BDU:2020-00236
Уязвимость подсистемы ptrace ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию
Severity: MEDIUM (5.6) Vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Links:
Published: July 22, 2019
BDU:2020-01344
Уязвимость компонента drivers/media/usb/dvb-usb/technisat-usb2.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 3, 2019
BDU:2020-03327
Уязвимость функции mwifiex_update_vs_ie() драйвера Wi-Fi Marvell ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 3, 2019
BDU:2020-03328
Уязвимость функции mwifiex_set_uap_rates() драйвера Wi-Fi Marvell ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Sept. 3, 2019
BDU:2020-03329
Уязвимость функции mwifiex_set_wmm_params() драйвера Wi-Fi Marvell ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании или выполнить произвольный код
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: March 26, 2018
BDU:2021-00376
Уязвимость функции f_midi_set_alt ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Aug. 7, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2018-20961
In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c in the f_midi driver may allow attackers to cause a denial of service or possibly have unspecified other impact.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.4
- https://github.com/torvalds/linux/commit/7fafcfdf6377b18b2a726ea554d6e593ba44349f
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7fafcfdf6377b18b2a726ea554d6e593ba44349f
- 20190826 [slackware-security] Slackware 14.2 kernel (SSA:2019-238-01)
- http://packetstormsecurity.com/files/154228/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- https://support.f5.com/csp/article/K58502654
- https://security.netapp.com/advisory/ntap-20190905-0002/
- USN-4145-1
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- https://support.f5.com/csp/article/K58502654?utm_source=f5support&amp%3Butm_medium=RSS
Published: Sept. 20, 2019
Modified: Sept. 28, 2023
Modified: Sept. 28, 2023
CVE-2019-14814
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14814
- https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a
- https://access.redhat.com/security/cve/cve-2019-14814
- https://www.openwall.com/lists/oss-security/2019/08/28/1
- [oss-security] 20190828 Linux kernel: three heap overflow in the marvell wifi driver
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- USN-4157-1
- USN-4157-2
- USN-4162-1
- USN-4163-1
- USN-4163-2
- USN-4162-2
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- https://security.netapp.com/advisory/ntap-20191031-0005/
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- RHSA-2020:0174
- RHSA-2020:0328
- RHSA-2020:0339
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/
Published: Nov. 25, 2019
Modified: July 13, 2023
Modified: July 13, 2023
CVE-2019-14815
A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14815
- https://www.openwall.com/lists/oss-security/2019/08/28/1
- https://security.netapp.com/advisory/ntap-20200103-0001/
- https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a
- https://access.redhat.com/security/cve/cve-2019-14815
- RHSA-2020:0174
- RHSA-2020:0328
- RHSA-2020:0339
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://lore.kernel.org/linux-wireless/20190828020751.13625-1-huangwenabc%40gmail.com
Published: Sept. 20, 2019
Modified: July 12, 2023
Modified: July 12, 2023
CVE-2019-14816
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://www.openwall.com/lists/oss-security/2019/08/28/1
- https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3
- [oss-security] 20190828 Linux kernel: three heap overflow in the marvell wifi driver
- https://access.redhat.com/security/cve/cve-2019-14816
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14816
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- USN-4157-1
- USN-4157-2
- USN-4162-1
- USN-4163-1
- USN-4163-2
- USN-4162-2
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- https://security.netapp.com/advisory/ntap-20191031-0005/
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- RHSA-2020:0174
- RHSA-2020:0204
- RHSA-2020:0328
- RHSA-2020:0339
- RHSA-2020:0375
- RHSA-2020:0374
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- RHSA-2020:0653
- RHSA-2020:0661
- RHSA-2020:0664
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/
Published: Sept. 19, 2019
Modified: Feb. 16, 2024
Modified: Feb. 16, 2024
CVE-2019-14821
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
Severity: HIGH (8.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14821
- [oss-security] 20190920 CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer
- DSA-4531
- 20190925 [SECURITY] [DSA 4531-1] linux security update
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update
- https://security.netapp.com/advisory/ntap-20191004-0001/
- openSUSE-SU-2019:2307
- openSUSE-SU-2019:2308
- USN-4157-1
- USN-4157-2
- USN-4162-1
- USN-4163-1
- USN-4163-2
- USN-4162-2
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- RHSA-2019:3517
- RHSA-2019:3309
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- RHSA-2019:3978
- RHSA-2019:3979
- RHSA-2019:4154
- RHSA-2019:4256
- RHSA-2020:0027
- RHSA-2020:0204
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZQQQANZWQMPILZV7OTS3RGGRLLE2Q7/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/
Published: Sept. 17, 2019
Modified: Dec. 15, 2023
Modified: Dec. 15, 2023
CVE-2019-14835
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
- https://www.openwall.com/lists/oss-security/2019/09/17/1
- USN-4135-2
- RHSA-2019:2828
- RHSA-2019:2827
- RHSA-2019:2830
- RHSA-2019:2829
- RHSA-2019:2854
- RHSA-2019:2863
- RHSA-2019:2862
- RHSA-2019:2865
- RHSA-2019:2864
- RHSA-2019:2866
- RHSA-2019:2867
- RHSA-2019:2869
- http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html
- [oss-security] 20190924 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- RHSA-2019:2889
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- 20190925 [SECURITY] [DSA 4531-1] linux security update
- DSA-4531
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- RHSA-2019:2900
- RHSA-2019:2901
- RHSA-2019:2899
- RHSA-2019:2924
- USN-4135-1
- [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update
- [oss-security] 20191003 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- RHBA-2019:2824
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- https://security.netapp.com/advisory/ntap-20191031-0005/
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQFY6JYFIQ2VFQ7QCSXPWTUL5ZDNCJL5/
Published: Aug. 23, 2019
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2019-15505
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Links:
- https://git.linuxtv.org/media_tree.git/commit/?id=0c4df39e504bf925ab666132ac3c98d6cbbe380b
- https://security.netapp.com/advisory/ntap-20190905-0002/
- https://support.f5.com/csp/article/K28222050
- USN-4157-1
- USN-4157-2
- USN-4162-1
- USN-4163-1
- USN-4163-2
- USN-4162-2
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- [debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update
- [debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update
- https://lore.kernel.org/lkml/b9b256cb-95f2-5fa1-9956-5a602a017c11%40gmail.com/
- https://lore.kernel.org/linux-media/20190821104408.w7krumcglxo6fz5q%40gofer.mess.org/
- FEDORA-2019-4c91a2f76e
- FEDORA-2019-97380355ae
- https://support.f5.com/csp/article/K28222050?utm_source=f5support&amp%3Butm_medium=RSS
Published: Sept. 4, 2019
Modified: Oct. 17, 2019
Modified: Oct. 17, 2019
CVE-2019-15902
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.
Severity: MEDIUM (5.6) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Links:
- https://grsecurity.net/teardown_of_a_failed_linux_lts_spectre_fix.php
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- DSA-4531
- 20190925 [SECURITY] [DSA 4531-1] linux security update
- [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update
- https://security.netapp.com/advisory/ntap-20191004-0001/
- USN-4157-1
- USN-4157-2
- USN-4162-1
- USN-4163-1
- USN-4163-2
- USN-4162-2
Published: April 25, 2019
Modified: April 26, 2024
Modified: April 26, 2024
CVE-2019-3900
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can process them. A guest user, maybe remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.
Severity: HIGH (7.7) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Links:
- https://www.spinics.net/lists/kernel/msg3111012.html
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3900
- 108076
- https://security.netapp.com/advisory/ntap-20190517-0005/
- RHSA-2019:1973
- RHSA-2019:2043
- RHSA-2019:2029
- DSA-4497
- 20190813 [SECURITY] [DSA 4497-1] linux security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1884-1] linux security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update
- USN-4114-1
- USN-4117-1
- USN-4116-1
- USN-4115-1
- USN-4118-1
- RHSA-2019:3220
- RHSA-2019:3517
- RHSA-2019:3309
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- RHSA-2019:3836
- RHSA-2019:3967
- RHSA-2019:4058
- RHSA-2020:0204
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RI3WXXM5URTZSR3RVEKO6MDXDFIKTZ5R/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TOFNJA5NNVXQ6AV6KGZB677JIVXAMJHT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYTZH6QCNITK7353S6RCRT2PQHZSDPXD/