Vulnerability CVE-2019-14821: Information

Description

An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2019-14821

Published: Sept. 19, 2019

Modified: Feb. 16, 2024

Error type identifier: CWE-787

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
kernel-image-mp	sisyphus	4.20.4-alt1	6.8.8-alt1	ALT-PU-2019-1139-1	220078	Fixed
kernel-image-mp	p10	4.20.4-alt1	6.1.19-alt1	ALT-PU-2019-1139-1	220078	Fixed
kernel-image-mp	p9	5.5.16-alt1	5.12.16-alt1	ALT-PU-2020-1714-1	249865	Fixed
kernel-image-mp	c9f2	5.5.16-alt1	5.7.16-alt1	ALT-PU-2020-1714-1	249865	Fixed
kernel-image-rpi-def	sisyphus	5.4.51-alt1	5.15.92-alt2	ALT-PU-2020-2410-1	254998	Fixed
kernel-image-rpi-def	p10	5.4.51-alt1	5.15.92-alt2	ALT-PU-2020-2410-1	254998	Fixed
kernel-image-rpi-def	p9	5.4.51-alt2	5.10.81-alt1	ALT-PU-2020-2433-1	255241	Fixed
kernel-image-rpi-def	c9f2	5.4.51-alt2	5.4.61-alt1	ALT-PU-2020-2433-1	255241	Fixed
kernel-image-rt	sisyphus	4.19.90-alt1.rt35	6.1.90-alt2.rt30	ALT-PU-2020-1024-1	243976	Fixed
kernel-image-rt	p10	4.19.90-alt1.rt35	5.10.216-alt1.rt108	ALT-PU-2020-1024-1	243976	Fixed
kernel-image-rt	p9	4.19.90-alt1.rt35	4.19.189-alt1.rt78	ALT-PU-2020-1024-1	243976	Fixed
kernel-image-std-debug	sisyphus	4.19.95-alt1	6.1.90-alt2	ALT-PU-2020-1025-1	244120	Fixed
kernel-image-std-debug	c9f2	4.19.97-alt1	4.19.102-alt1	ALT-PU-2020-1070-1	244478	Fixed
kernel-image-std-def	sisyphus	3.18.21-alt1	6.1.90-alt2	ALT-PU-2015-1794-1	149359	Fixed
kernel-image-std-def	p10	3.18.21-alt1	5.10.216-alt1	ALT-PU-2015-1794-1	149359	Fixed
kernel-image-std-def	p9	4.19.78-alt1	5.4.275-alt1	ALT-PU-2019-2890-1	238864	Fixed
kernel-image-std-def	p8	4.9.194-alt0.M80P.1	4.9.337-alt0.M80P.1	ALT-PU-2019-2797-1	237950	Fixed
kernel-image-std-def	c9f2	4.19.78-alt1	5.10.214-alt0.c9f.2	ALT-PU-2019-2890-1	238864	Fixed
kernel-image-std-def	c7	4.4.194-alt0.M70C.1	4.4.277-alt0.M70C.1	ALT-PU-2019-2779-1	237953	Fixed
kernel-image-un-def	sisyphus	3.17.1-alt1	6.6.30-alt2	ALT-PU-2014-2297-1	132620	Fixed
kernel-image-un-def	p10	3.17.1-alt1	6.1.85-alt1	ALT-PU-2014-2297-1	132620	Fixed
kernel-image-un-def	p9	5.2.17-alt1	5.10.215-alt1	ALT-PU-2019-2768-1	237945	Fixed
kernel-image-un-def	p8	4.13.7-alt0.M80P.1	4.19.310-alt0.M80P.1	ALT-PU-2017-2470-1	188636	Fixed
kernel-image-un-def	c10f1	3.17.1-alt1	6.1.85-alt0.c10f.1	ALT-PU-2014-2297-1	132620	Fixed
kernel-image-un-def	c9f2	5.2.17-alt1	5.10.29-alt2	ALT-PU-2019-2768-1	237945	Fixed
kernel-image-un-def	c7	3.17.2-alt1	4.9.277-alt0.M70C.1	ALT-PU-2014-2325-1	134047	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14821	Issue Tracking Mitigation Patch Third Party Advisory
[oss-security] 20190920 CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer	Mailing List Patch Third Party Advisory
DSA-4531	Third Party Advisory
20190925 [SECURITY] [DSA 4531-1] linux security update	Issue Tracking Mailing List Third Party Advisory
[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update	Mailing List Third Party Advisory
[debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update	Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20191004-0001/	Third Party Advisory
openSUSE-SU-2019:2307	Mailing List Third Party Advisory
openSUSE-SU-2019:2308	Mailing List Third Party Advisory
USN-4157-1	Third Party Advisory
USN-4157-2	Third Party Advisory
USN-4162-1	Third Party Advisory
USN-4163-1	Third Party Advisory
USN-4163-2	Third Party Advisory
USN-4162-2	Third Party Advisory
http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html	Third Party Advisory VDB Entry
RHSA-2019:3517	Third Party Advisory
RHSA-2019:3309	Third Party Advisory
20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)	Mailing List Third Party Advisory
http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html	Third Party Advisory VDB Entry
RHSA-2019:3978	Third Party Advisory
RHSA-2019:3979	Third Party Advisory
RHSA-2019:4154	Third Party Advisory
RHSA-2019:4256	Third Party Advisory
RHSA-2020:0027	Third Party Advisory
RHSA-2020:0204	Third Party Advisory
N/A	Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZQQQANZWQMPILZV7OTS3RGGRLLE2Q7/	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/	Mailing List Third Party Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  3.16
  End excliding
  3.16.74
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  4.14
  End excliding
  4.14.146
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  4.19
  End excliding
  4.19.75
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  4.4
  End excliding
  4.4.194
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  4.9
  End excliding
  4.9.194
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  5.2
  End excliding
  5.2.17
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  5.3
  End excliding
  5.3.1
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  2.6.27
  End including
  3.15.10
  cpe:2.3:o:linux:linux_kernel:5.4:rc1:*:*:*:*:*:*
  
  Configuration 2
  cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
  cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*
  
  Configuration 3
  cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
  cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
  
  Configuration 4
  cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
  cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
  
  Configuration 5
  cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
  cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
  
  Configuration 6
  cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
  cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
  
  Configuration 7
  cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*
  
  Configuration 8
  cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
  
  Configuration 9
  cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
  
  Configuration 10
  cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
  
  Configuration 11
  cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*
  
  Configuration 12
  cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*
  
  Configuration 13
  cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*
  
  Configuration 14
  cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
  
  Configuration 15
  cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
  
  Configuration 16
  cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*
  Running on/with:
  cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*
  
  Configuration 17
  cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*
  cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
  cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
  
  Configuration 18
  cpe:2.3:a:oracle:sd-wan_edge:8.2:*:*:*:*:*:*:*
  cpe:2.3:a:oracle:sd-wan_edge:7.3:*:*:*:*:*:*:*
  cpe:2.3:a:oracle:sd-wan_edge:8.0:*:*:*:*:*:*:*
  cpe:2.3:a:oracle:sd-wan_edge:8.1:*:*:*:*:*:*:*

Version: v24.5.1

Vulnerability CVE-2019-14821: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Configuration 5

Configuration 6

Configuration 7

Configuration 8

Configuration 9

Configuration 10

Configuration 11

Configuration 12

Configuration 13

Configuration 14

Configuration 15

Configuration 16

Configuration 17

Configuration 18