Уязвимость CVE-2019-19332: Информация
Описание
An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.
Важность: MEDIUM (6,1) Вектор: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Исправленные пакеты
Имя пакета | Ветка | Исправлено в версии | Версия в репозитории | Errata ID | № Задания | Состояние |
---|---|---|---|---|---|---|
kernel-image-mp | sisyphus | 5.4.4-alt1 | 6.8.4-alt1 | ALT-PU-2019-3343-1 | 243294 | Исправлено |
kernel-image-mp | p10 | 5.4.4-alt1 | 6.1.19-alt1 | ALT-PU-2019-3343-1 | 243294 | Исправлено |
kernel-image-mp | p9 | 5.5.16-alt1 | 5.12.16-alt1 | ALT-PU-2020-1714-1 | 249865 | Исправлено |
kernel-image-mp | c9f2 | 5.5.16-alt1 | 5.7.16-alt1 | ALT-PU-2020-1714-1 | 249865 | Исправлено |
kernel-image-rpi-def | sisyphus | 5.4.51-alt1 | 5.15.92-alt2 | ALT-PU-2020-2410-1 | 254998 | Исправлено |
kernel-image-rpi-def | p10 | 5.4.51-alt1 | 5.15.92-alt2 | ALT-PU-2020-2410-1 | 254998 | Исправлено |
kernel-image-rpi-def | p9 | 5.4.51-alt2 | 5.10.81-alt1 | ALT-PU-2020-2433-1 | 255241 | Исправлено |
kernel-image-rpi-def | c9f2 | 5.4.51-alt2 | 5.4.61-alt1 | ALT-PU-2020-2433-1 | 255241 | Исправлено |
kernel-image-rpi-un | sisyphus | 5.5.5-alt0.2 | 6.6.23-alt1 | ALT-PU-2020-1421-1 | 247100 | Исправлено |
kernel-image-rpi-un | p10 | 5.5.5-alt0.2 | 6.1.77-alt1 | ALT-PU-2020-1421-1 | 247100 | Исправлено |
kernel-image-rpi-un | p9 | 5.5.5-alt0.3 | 5.12.17-alt1 | ALT-PU-2020-1450-1 | 247310 | Исправлено |
kernel-image-rpi-un | c9f2 | 5.5.5-alt0.3 | 5.7.8-alt3 | ALT-PU-2020-1450-1 | 247310 | Исправлено |
kernel-image-rt | sisyphus | 5.10.35-alt1.rt39 | 6.1.83-alt1.rt28 | ALT-PU-2021-1870-1 | 272532 | Исправлено |
kernel-image-rt | p10 | 5.10.35-alt1.rt39 | 5.10.215-alt1.rt107 | ALT-PU-2021-1870-1 | 272532 | Исправлено |
kernel-image-std-debug | sisyphus | 4.19.95-alt1 | 6.1.87-alt1 | ALT-PU-2020-1025-1 | 244120 | Исправлено |
kernel-image-std-debug | c9f2 | 4.19.97-alt1 | 4.19.102-alt1 | ALT-PU-2020-1070-1 | 244478 | Исправлено |
kernel-image-std-def | sisyphus | 4.19.89-alt1 | 6.1.87-alt1 | ALT-PU-2019-3292-1 | 243014 | Исправлено |
kernel-image-std-def | p10 | 4.19.89-alt1 | 5.10.213-alt1 | ALT-PU-2019-3292-1 | 243014 | Исправлено |
kernel-image-std-def | p9 | 4.19.89-alt1 | 5.4.274-alt1 | ALT-PU-2019-3326-1 | 243015 | Исправлено |
kernel-image-std-def | p8 | 4.9.207-alt0.M80P.1 | 4.9.337-alt0.M80P.1 | ALT-PU-2019-3389-1 | 243389 | Исправлено |
kernel-image-std-def | c9f2 | 4.19.89-alt1 | 5.10.214-alt0.c9f.2 | ALT-PU-2019-3326-1 | 243015 | Исправлено |
kernel-image-std-def | c7 | 4.4.207-alt0.M70C.1 | 4.4.277-alt0.M70C.1 | ALT-PU-2019-3381-1 | 243391 | Исправлено |
kernel-image-un-def | sisyphus | 5.4.0-alt1 | 6.6.28-alt1 | ALT-PU-2019-3291-1 | 242001 | Исправлено |
kernel-image-un-def | p10 | 5.4.0-alt1 | 6.1.85-alt1 | ALT-PU-2019-3291-1 | 242001 | Исправлено |
kernel-image-un-def | p9 | 5.4.3-alt1 | 5.10.215-alt1 | ALT-PU-2019-3369-1 | 243020 | Исправлено |
kernel-image-un-def | p8 | 4.19.89-alt0.M80P.1 | 4.19.310-alt0.M80P.1 | ALT-PU-2019-3303-1 | 243021 | Исправлено |
kernel-image-un-def | c10f1 | 5.4.0-alt1 | 6.1.85-alt0.c10f.1 | ALT-PU-2019-3291-1 | 242001 | Исправлено |
kernel-image-un-def | c9f2 | 5.4.3-alt1 | 5.10.29-alt2 | ALT-PU-2019-3369-1 | 243020 | Исправлено |
kernel-image-un-def | c7 | 4.9.277-alt0.M70C.1 | 4.9.277-alt0.M70C.1 | ALT-PU-2021-3032-1 | 281292 | Исправлено |
linux-tools | sisyphus_e2k | 5.10-alt1.E2K.1 | 5.10-alt1.E2K.3 | ALT-PU-2023-7771-1 | - | Исправлено |
linux-tools | p10_e2k | 5.10-alt1.E2K.1 | 5.10-alt1.E2K.1 | ALT-PU-2023-8360-1 | - | Исправлено |
Ссылки на рекомендации, решения и инструменты
Ссылка | Ресурс |
---|---|
https://www.openwall.com/lists/oss-security/2019/12/16/1 |
|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19332 |
|
http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html |
|
[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update |
|
USN-4254-1 | |
USN-4254-2 | |
https://security.netapp.com/advisory/ntap-20200204-0002/ | |
USN-4258-1 | |
USN-4287-1 | |
USN-4287-2 | |
[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update | |
USN-4284-1 | |
openSUSE-SU-2020:0336 | |
https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50%40google.com/ |