Vulnerabilites related to netapp - element_software_management_node
CVE-2018-19985 (GCVE-0-2018-19985)
Vulnerability from cvelistv5
Published
2019-03-17 19:48
Modified
2024-08-05 11:51
Severity ?
EPSS score ?
Summary
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:51:17.876Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/151420/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00023.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00007.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Jan/52", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://hexhive.epfl.ch/projects/perifuzz/", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { name: "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { name: "USN-4115-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4115-1/", }, { name: "USN-4118-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4118-1/", }, { name: "RHSA-2019:3309", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { name: "RHSA-2019:3517", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3517", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-06T00:07:12", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/151420/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", }, { tags: [ "x_refsource_MISC", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00023.html", }, { tags: [ "x_refsource_MISC", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00007.html", }, { tags: [ "x_refsource_MISC", ], url: "https://seclists.org/bugtraq/2019/Jan/52", }, { tags: [ "x_refsource_MISC", ], url: "https://hexhive.epfl.ch/projects/perifuzz/", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { name: "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { name: "USN-4115-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4115-1/", }, { name: "USN-4118-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4118-1/", }, { name: "RHSA-2019:3309", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { name: "RHSA-2019:3517", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3517", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-19985", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://packetstormsecurity.com/files/151420/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/151420/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", }, { name: "http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00023.html", refsource: "MISC", url: "http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00023.html", }, { name: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00007.html", refsource: "MISC", url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00007.html", }, { name: "https://seclists.org/bugtraq/2019/Jan/52", refsource: "MISC", url: "https://seclists.org/bugtraq/2019/Jan/52", }, { name: "https://hexhive.epfl.ch/projects/perifuzz/", refsource: "MISC", url: "https://hexhive.epfl.ch/projects/perifuzz/", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { name: "https://security.netapp.com/advisory/ntap-20190404-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { name: "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { name: "USN-4115-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4115-1/", }, { name: "USN-4118-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4118-1/", }, { name: "RHSA-2019:3309", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { name: "RHSA-2019:3517", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3517", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-19985", datePublished: "2019-03-17T19:48:52", dateReserved: "2018-12-09T00:00:00", dateUpdated: "2024-08-05T11:51:17.876Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2017-7657 (GCVE-0-2017-7657)
Vulnerability from cvelistv5
Published
2018-06-26 16:00
Modified
2024-08-05 16:12
Severity ?
EPSS score ?
Summary
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| The Eclipse Foundation | Eclipse Jetty |
Version: unspecified < Version: 9.3.0 < unspecified Version: unspecified < 9.3.24 Version: 9.4.0 < unspecified Version: unspecified < 9.4.11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T16:12:27.850Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-4278", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2018/dsa-4278", }, { name: "1041194", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1041194", }, { name: "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E", }, { name: "RHSA-2019:0910", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0910", }, { name: "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E", }, { name: "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { name: "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20181014-0001/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668", }, { name: "[druid-commits] 20210226 [GitHub] [druid] kingnj opened a new issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20210304 [GitHub] [druid] suneet-s commented on issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20210304 [GitHub] [druid] suneet-s closed issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae%40%3Ccommits.druid.apache.org%3E", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Eclipse Jetty", vendor: "The Eclipse Foundation", versions: [ { lessThanOrEqual: "9.2.0", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "unspecified", status: "affected", version: "9.3.0", versionType: "custom", }, { lessThan: "9.3.24", status: "affected", version: "unspecified", versionType: "custom", }, { lessThan: "unspecified", status: "affected", version: "9.4.0", versionType: "custom", }, { lessThan: "9.4.11", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], datePublic: "2018-06-07T00:00:00", descriptions: [ { lang: "en", value: "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-444", description: "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-07-20T22:53:08", orgId: "e51fbebd-6053-4e49-959f-1b94eeb69a2c", shortName: "eclipse", }, references: [ { name: "DSA-4278", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2018/dsa-4278", }, { name: "1041194", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1041194", }, { name: "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E", }, { name: "RHSA-2019:0910", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0910", }, { name: "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E", }, { name: "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { name: "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20181014-0001/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668", }, { name: "[druid-commits] 20210226 [GitHub] [druid] kingnj opened a new issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20210304 [GitHub] [druid] suneet-s commented on issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8%40%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20210304 [GitHub] [druid] suneet-s closed issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae%40%3Ccommits.druid.apache.org%3E", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@eclipse.org", ID: "CVE-2017-7657", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Eclipse Jetty", version: { version_data: [ { version_affected: "<=", version_value: "9.2.0", }, { version_affected: ">=", version_value: "9.3.0", }, { version_affected: "<", version_value: "9.3.24", }, { version_affected: ">=", version_value: "9.4.0", }, { version_affected: "<", version_value: "9.4.11", }, ], }, }, ], }, vendor_name: "The Eclipse Foundation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')", }, ], }, ], }, references: { reference_data: [ { name: "DSA-4278", refsource: "DEBIAN", url: "https://www.debian.org/security/2018/dsa-4278", }, { name: "1041194", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1041194", }, { name: "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", refsource: "MLIST", url: "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E", }, { name: "RHSA-2019:0910", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0910", }, { name: "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar", refsource: "MLIST", url: "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E", }, { name: "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities", refsource: "MLIST", url: "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { name: "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E", }, { name: "https://www.oracle.com/security-alerts/cpuoct2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { name: "https://security.netapp.com/advisory/ntap-20181014-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20181014-0001/", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us", }, { name: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668", refsource: "CONFIRM", url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668", }, { name: "[druid-commits] 20210226 [GitHub] [druid] kingnj opened a new issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", refsource: "MLIST", url: "https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20210304 [GitHub] [druid] suneet-s commented on issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8@%3Ccommits.druid.apache.org%3E", }, { name: "[druid-commits] 20210304 [GitHub] [druid] suneet-s closed issue #10926: Hello, are there any plans to fix the CVE-2017-7657 and CVE-2017-7658 vulnerabilities of Jetty", refsource: "MLIST", url: "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae@%3Ccommits.druid.apache.org%3E", }, { name: "https://www.oracle.com//security-alerts/cpujul2021.html", refsource: "MISC", url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "e51fbebd-6053-4e49-959f-1b94eeb69a2c", assignerShortName: "eclipse", cveId: "CVE-2017-7657", datePublished: "2018-06-26T16:00:00", dateReserved: "2017-04-11T00:00:00", dateUpdated: "2024-08-05T16:12:27.850Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-20449 (GCVE-0-2018-20449)
Vulnerability from cvelistv5
Published
2019-04-04 15:25
Modified
2024-08-05 11:58
Severity ?
EPSS score ?
Summary
The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.
References
| ▼ | URL | Tags |
|---|---|---|
| https://elixir.bootlin.com/linux/v4.14.90/source/drivers/dma/qcom/hidma_dbg.c#L92 | x_refsource_CONFIRM | |
| https://www.mail-archive.com/debian-security-tracker%40lists.debian.org/msg03808.html | x_refsource_MISC | |
| https://security.netapp.com/advisory/ntap-20190502-0002/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:58:19.359Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://elixir.bootlin.com/linux/v4.14.90/source/drivers/dma/qcom/hidma_dbg.c#L92", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.mail-archive.com/debian-security-tracker%40lists.debian.org/msg03808.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190502-0002/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-01-22T00:00:00", descriptions: [ { lang: "en", value: "The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading \"callback=\" lines in a debugfs file.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-05-02T09:06:07", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://elixir.bootlin.com/linux/v4.14.90/source/drivers/dma/qcom/hidma_dbg.c#L92", }, { tags: [ "x_refsource_MISC", ], url: "https://www.mail-archive.com/debian-security-tracker%40lists.debian.org/msg03808.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190502-0002/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-20449", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading \"callback=\" lines in a debugfs file.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://elixir.bootlin.com/linux/v4.14.90/source/drivers/dma/qcom/hidma_dbg.c#L92", refsource: "CONFIRM", url: "https://elixir.bootlin.com/linux/v4.14.90/source/drivers/dma/qcom/hidma_dbg.c#L92", }, { name: "https://www.mail-archive.com/debian-security-tracker@lists.debian.org/msg03808.html", refsource: "MISC", url: "https://www.mail-archive.com/debian-security-tracker@lists.debian.org/msg03808.html", }, { name: "https://security.netapp.com/advisory/ntap-20190502-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190502-0002/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-20449", datePublished: "2019-04-04T15:25:30", dateReserved: "2018-12-25T00:00:00", dateUpdated: "2024-08-05T11:58:19.359Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-14287 (GCVE-0-2019-14287)
Vulnerability from cvelistv5
Published
2019-10-17 17:03
Modified
2024-08-05 00:12
Severity ?
EPSS score ?
Summary
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T00:12:43.383Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20191014 Sudo: CVE-2019-14287", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/10/14/1", }, { name: "USN-4154-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4154-1/", }, { name: "DSA-4543", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4543", }, { name: "20191015 [SECURITY] [DSA 4543-1] sudo security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Oct/21", }, { name: "20191015 [slackware-security] sudo (SSA:2019-287-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Oct/20", }, { name: "openSUSE-SU-2019:2316", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html", }, { name: "FEDORA-2019-9cb221f2be", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IP7SIOAVLSKJGMTIULX52VQUPTVSC43U/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.sudo.ws/alerts/minus_1_uid.html", }, { name: "openSUSE-SU-2019:2333", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20191017-0003/", }, { name: "[oss-security] 20191015 Re: Sudo: CVE-2019-14287", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2019/10/15/2", }, { name: "[debian-lts-announce] 20191017 [SECURITY] [DLA 1964-1] sudo security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/10/msg00022.html", }, { name: "FEDORA-2019-67998e9f7e", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUVAOZBYUHZS56A5FQSCDVGXT7PW7FL2/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K53746212?utm_source=f5support&%3Butm_medium=RSS", }, { name: "[oss-security] 20191023 Membership application for linux-distros - VMware", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/10/24/1", }, { name: "RHSA-2019:3197", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3197", }, { name: "RHSA-2019:3205", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3205", }, { name: "RHSA-2019:3204", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3204", }, { name: "RHSA-2019:3209", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3209", }, { name: "RHSA-2019:3219", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3219", }, { name: "[oss-security] 20191029 Re: Membership application for linux-distros - VMware", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/10/29/3", }, { name: "FEDORA-2019-72755db9c7", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPLAM57TPJQGKQMNG6RHFBLACD6K356N/", }, { name: "RHSA-2019:3278", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3278", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287", }, { name: "RHSA-2019:3694", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3694", }, { name: "RHSA-2019:3755", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3755", }, { name: "RHSA-2019:3754", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3754", }, { name: "RHSA-2019:3895", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3895", }, { name: "RHSA-2019:3916", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3916", }, { name: "RHBA-2019:3248", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHBA-2019:3248", }, { name: "RHSA-2019:3941", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3941", }, { name: "RHSA-2019:4191", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:4191", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us", }, { name: "RHSA-2020:0388", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0388", }, { name: "GLSA-202003-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202003-12", }, { name: "[oss-security] 20210914 Re: Oracle Solaris membership in the distros list", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a \"sudo -u \\#$((0xffffffff))\" command.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-09-14T23:06:12", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "[oss-security] 20191014 Sudo: CVE-2019-14287", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/10/14/1", }, { name: "USN-4154-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4154-1/", }, { name: "DSA-4543", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4543", }, { name: "20191015 [SECURITY] [DSA 4543-1] sudo security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Oct/21", }, { name: "20191015 [slackware-security] sudo (SSA:2019-287-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Oct/20", }, { name: "openSUSE-SU-2019:2316", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html", }, { name: "FEDORA-2019-9cb221f2be", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IP7SIOAVLSKJGMTIULX52VQUPTVSC43U/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.sudo.ws/alerts/minus_1_uid.html", }, { name: "openSUSE-SU-2019:2333", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20191017-0003/", }, { name: "[oss-security] 20191015 Re: Sudo: CVE-2019-14287", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.openwall.com/lists/oss-security/2019/10/15/2", }, { name: "[debian-lts-announce] 20191017 [SECURITY] [DLA 1964-1] sudo security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/10/msg00022.html", }, { name: "FEDORA-2019-67998e9f7e", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUVAOZBYUHZS56A5FQSCDVGXT7PW7FL2/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K53746212?utm_source=f5support&%3Butm_medium=RSS", }, { name: "[oss-security] 20191023 Membership application for linux-distros - VMware", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/10/24/1", }, { name: "RHSA-2019:3197", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3197", }, { name: "RHSA-2019:3205", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3205", }, { name: "RHSA-2019:3204", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3204", }, { name: "RHSA-2019:3209", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3209", }, { name: "RHSA-2019:3219", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3219", }, { name: "[oss-security] 20191029 Re: Membership application for linux-distros - VMware", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/10/29/3", }, { name: "FEDORA-2019-72755db9c7", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPLAM57TPJQGKQMNG6RHFBLACD6K356N/", }, { name: "RHSA-2019:3278", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3278", }, { tags: [ "x_refsource_MISC", ], url: "https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287", }, { name: "RHSA-2019:3694", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3694", }, { name: "RHSA-2019:3755", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3755", }, { name: "RHSA-2019:3754", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3754", }, { name: "RHSA-2019:3895", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3895", }, { name: "RHSA-2019:3916", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3916", }, { name: "RHBA-2019:3248", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHBA-2019:3248", }, { name: "RHSA-2019:3941", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3941", }, { name: "RHSA-2019:4191", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:4191", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us", }, { name: "RHSA-2020:0388", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0388", }, { name: "GLSA-202003-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202003-12", }, { name: "[oss-security] 20210914 Re: Oracle Solaris membership in the distros list", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-14287", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a \"sudo -u \\#$((0xffffffff))\" command.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20191014 Sudo: CVE-2019-14287", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/10/14/1", }, { name: "USN-4154-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4154-1/", }, { name: "DSA-4543", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4543", }, { name: "20191015 [SECURITY] [DSA 4543-1] sudo security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Oct/21", }, { name: "20191015 [slackware-security] sudo (SSA:2019-287-01)", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Oct/20", }, { name: "openSUSE-SU-2019:2316", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html", }, { name: "http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html", }, { name: "FEDORA-2019-9cb221f2be", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IP7SIOAVLSKJGMTIULX52VQUPTVSC43U/", }, { name: "https://www.sudo.ws/alerts/minus_1_uid.html", refsource: "CONFIRM", url: "https://www.sudo.ws/alerts/minus_1_uid.html", }, { name: "openSUSE-SU-2019:2333", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html", }, { name: "https://security.netapp.com/advisory/ntap-20191017-0003/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20191017-0003/", }, { name: "[oss-security] 20191015 Re: Sudo: CVE-2019-14287", refsource: "MLIST", url: "https://www.openwall.com/lists/oss-security/2019/10/15/2", }, { name: "[debian-lts-announce] 20191017 [SECURITY] [DLA 1964-1] sudo security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/10/msg00022.html", }, { name: "FEDORA-2019-67998e9f7e", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUVAOZBYUHZS56A5FQSCDVGXT7PW7FL2/", }, { name: "https://support.f5.com/csp/article/K53746212?utm_source=f5support&utm_medium=RSS", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K53746212?utm_source=f5support&utm_medium=RSS", }, { name: "[oss-security] 20191023 Membership application for linux-distros - VMware", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/10/24/1", }, { name: "RHSA-2019:3197", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3197", }, { name: "RHSA-2019:3205", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3205", }, { name: "RHSA-2019:3204", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3204", }, { name: "RHSA-2019:3209", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3209", }, { name: "RHSA-2019:3219", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3219", }, { name: "[oss-security] 20191029 Re: Membership application for linux-distros - VMware", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/10/29/3", }, { name: "FEDORA-2019-72755db9c7", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPLAM57TPJQGKQMNG6RHFBLACD6K356N/", }, { name: "RHSA-2019:3278", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3278", }, { name: "https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287", refsource: "MISC", url: "https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287", }, { name: "RHSA-2019:3694", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3694", }, { name: "RHSA-2019:3755", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3755", }, { name: "RHSA-2019:3754", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3754", }, { name: "RHSA-2019:3895", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3895", }, { name: "RHSA-2019:3916", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3916", }, { name: "RHBA-2019:3248", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHBA-2019:3248", }, { name: "RHSA-2019:3941", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3941", }, { name: "RHSA-2019:4191", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:4191", }, { name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us", refsource: "CONFIRM", url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us", }, { name: "RHSA-2020:0388", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0388", }, { name: "GLSA-202003-12", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202003-12", }, { name: "[oss-security] 20210914 Re: Oracle Solaris membership in the distros list", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-14287", datePublished: "2019-10-17T17:03:28", dateReserved: "2019-07-27T00:00:00", dateUpdated: "2024-08-05T00:12:43.383Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-7221 (GCVE-0-2019-7221)
Vulnerability from cvelistv5
Published
2019-03-17 18:26
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:46:44.758Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html", }, { name: "FEDORA-2019-164946aa7f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/", }, { name: "FEDORA-2019-3da64f3e61", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/torvalds/linux/commits/master/arch/x86/kvm", }, { name: "SUSE-SA-2019:0203-1", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/02/18/2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1760", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { name: "USN-3932-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3932-1/", }, { name: "USN-3932-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3932-2/", }, { name: "USN-3930-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3930-1/", }, { name: "USN-3931-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3931-1/", }, { name: "USN-3931-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3931-2/", }, { name: "USN-3930-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3930-2/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { name: "RHSA-2019:0833", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0833", }, { name: "RHSA-2019:0818", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0818", }, { name: "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { name: "RHBA-2019:0959", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHBA-2019:0959", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.f5.com/csp/article/K08413011", }, { name: "RHSA-2019:3967", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3967", }, { name: "RHSA-2019:4058", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:4058", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-01-29T00:00:00", descriptions: [ { lang: "en", value: "The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-12-03T11:06:06", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html", }, { name: "FEDORA-2019-164946aa7f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/", }, { name: "FEDORA-2019-3da64f3e61", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/torvalds/linux/commits/master/arch/x86/kvm", }, { name: "SUSE-SA-2019:0203-1", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", }, { tags: [ "x_refsource_MISC", ], url: "http://www.openwall.com/lists/oss-security/2019/02/18/2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1760", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { name: "USN-3932-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3932-1/", }, { name: "USN-3932-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3932-2/", }, { name: "USN-3930-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3930-1/", }, { name: "USN-3931-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3931-1/", }, { name: "USN-3931-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3931-2/", }, { name: "USN-3930-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3930-2/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { name: "RHSA-2019:0833", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0833", }, { name: "RHSA-2019:0818", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0818", }, { name: "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { name: "RHBA-2019:0959", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHBA-2019:0959", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.f5.com/csp/article/K08413011", }, { name: "RHSA-2019:3967", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3967", }, { name: "RHSA-2019:4058", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:4058", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-7221", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html", }, { name: "FEDORA-2019-164946aa7f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/", }, { name: "FEDORA-2019-3da64f3e61", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/", }, { name: "https://github.com/torvalds/linux/commits/master/arch/x86/kvm", refsource: "MISC", url: "https://github.com/torvalds/linux/commits/master/arch/x86/kvm", }, { name: "SUSE-SA-2019:0203-1", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", }, { name: "http://www.openwall.com/lists/oss-security/2019/02/18/2", refsource: "MISC", url: "http://www.openwall.com/lists/oss-security/2019/02/18/2", }, { name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f", refsource: "CONFIRM", url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f", }, { name: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1760", refsource: "CONFIRM", url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1760", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { name: "USN-3932-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3932-1/", }, { name: "USN-3932-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3932-2/", }, { name: "USN-3930-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3930-1/", }, { name: "USN-3931-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3931-1/", }, { name: "USN-3931-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3931-2/", }, { name: "USN-3930-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3930-2/", }, { name: "https://security.netapp.com/advisory/ntap-20190404-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { name: "RHSA-2019:0833", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0833", }, { name: "RHSA-2019:0818", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0818", }, { name: "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { name: "RHBA-2019:0959", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHBA-2019:0959", }, { name: "https://support.f5.com/csp/article/K08413011", refsource: "CONFIRM", url: "https://support.f5.com/csp/article/K08413011", }, { name: "RHSA-2019:3967", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3967", }, { name: "RHSA-2019:4058", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:4058", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-7221", datePublished: "2019-03-17T18:26:10", dateReserved: "2019-01-30T00:00:00", dateUpdated: "2024-08-04T20:46:44.758Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-7222 (GCVE-0-2019-7222)
Vulnerability from cvelistv5
Published
2019-03-17 18:52
Modified
2024-08-04 20:46
Severity ?
EPSS score ?
Summary
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T20:46:46.063Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FEDORA-2019-164946aa7f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/151712/KVM-kvm_inject_page_fault-Uninitialized-Memory-Leak.html", }, { name: "106963", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106963", }, { name: "FEDORA-2019-3da64f3e61", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/torvalds/linux/commits/master/arch/x86/kvm", }, { name: "SUSE-SA-2019:0203-1", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=353c0956a618a07ba4bbe7ad00ff29fe70e8412a", }, { name: "[oss-security] Linux kernel: three KVM bugs (CVE-2019-6974, CVE-2019-7221, CVE-2019-7222)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/02/18/2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1759", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { name: "USN-3932-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3932-1/", }, { name: "USN-3932-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3932-2/", }, { name: "USN-3930-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3930-1/", }, { name: "USN-3931-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3931-1/", }, { name: "USN-3933-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3933-2/", }, { name: "USN-3931-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3931-2/", }, { name: "USN-3930-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3930-2/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { name: "USN-3933-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/3933-1/", }, { name: "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { name: "RHSA-2019:2043", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2043", }, { name: "RHSA-2019:2029", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2029", }, { name: "RHSA-2019:3309", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { name: "RHSA-2019:3517", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3517", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-01-21T00:00:00", descriptions: [ { lang: "en", value: "The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-11-06T00:07:14", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "FEDORA-2019-164946aa7f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/151712/KVM-kvm_inject_page_fault-Uninitialized-Memory-Leak.html", }, { name: "106963", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106963", }, { name: "FEDORA-2019-3da64f3e61", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/torvalds/linux/commits/master/arch/x86/kvm", }, { name: "SUSE-SA-2019:0203-1", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=353c0956a618a07ba4bbe7ad00ff29fe70e8412a", }, { name: "[oss-security] Linux kernel: three KVM bugs (CVE-2019-6974, CVE-2019-7221, CVE-2019-7222)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/02/18/2", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1759", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { name: "USN-3932-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3932-1/", }, { name: "USN-3932-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3932-2/", }, { name: "USN-3930-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3930-1/", }, { name: "USN-3931-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3931-1/", }, { name: "USN-3933-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3933-2/", }, { name: "USN-3931-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3931-2/", }, { name: "USN-3930-2", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3930-2/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { name: "USN-3933-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/3933-1/", }, { name: "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { name: "RHSA-2019:2043", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2043", }, { name: "RHSA-2019:2029", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2029", }, { name: "RHSA-2019:3309", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { name: "RHSA-2019:3517", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3517", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-7222", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "FEDORA-2019-164946aa7f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/", }, { name: "http://packetstormsecurity.com/files/151712/KVM-kvm_inject_page_fault-Uninitialized-Memory-Leak.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/151712/KVM-kvm_inject_page_fault-Uninitialized-Memory-Leak.html", }, { name: "106963", refsource: "BID", url: "http://www.securityfocus.com/bid/106963", }, { name: "FEDORA-2019-3da64f3e61", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/", }, { name: "https://github.com/torvalds/linux/commits/master/arch/x86/kvm", refsource: "MISC", url: "https://github.com/torvalds/linux/commits/master/arch/x86/kvm", }, { name: "SUSE-SA-2019:0203-1", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", }, { name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=353c0956a618a07ba4bbe7ad00ff29fe70e8412a", refsource: "CONFIRM", url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=353c0956a618a07ba4bbe7ad00ff29fe70e8412a", }, { name: "[oss-security] Linux kernel: three KVM bugs (CVE-2019-6974, CVE-2019-7221, CVE-2019-7222)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/02/18/2", }, { name: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1759", refsource: "CONFIRM", url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1759", }, { name: "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { name: "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { name: "USN-3932-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3932-1/", }, { name: "USN-3932-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3932-2/", }, { name: "USN-3930-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3930-1/", }, { name: "USN-3931-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3931-1/", }, { name: "USN-3933-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3933-2/", }, { name: "USN-3931-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3931-2/", }, { name: "USN-3930-2", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3930-2/", }, { name: "https://security.netapp.com/advisory/ntap-20190404-0002/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { name: "USN-3933-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/3933-1/", }, { name: "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { name: "RHSA-2019:2043", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2043", }, { name: "RHSA-2019:2029", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2029", }, { name: "RHSA-2019:3309", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { name: "RHSA-2019:3517", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3517", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-7222", datePublished: "2019-03-17T18:52:17", dateReserved: "2019-01-30T00:00:00", dateUpdated: "2024-08-04T20:46:46.063Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2017-3135 (GCVE-0-2017-3135)
Vulnerability from cvelistv5
Published
2019-01-16 20:00
Modified
2024-09-16 17:53
Severity ?
EPSS score ?
Summary
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.gentoo.org/glsa/201708-01 | vendor-advisory, x_refsource_GENTOO | |
| http://rhn.redhat.com/errata/RHSA-2017-0276.html | vendor-advisory, x_refsource_REDHAT | |
| https://security.netapp.com/advisory/ntap-20180926-0005/ | x_refsource_CONFIRM | |
| https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/96150 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1037801 | vdb-entry, x_refsource_SECTRACK | |
| https://www.debian.org/security/2017/dsa-3795 | vendor-advisory, x_refsource_DEBIAN | |
| https://kb.isc.org/docs/aa-01453 | x_refsource_CONFIRM |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:16:28.177Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-201708-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201708-01", }, { name: "RHSA-2017:0276", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0276.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20180926-0005/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us", }, { name: "96150", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/96150", }, { name: "1037801", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1037801", }, { name: "DSA-3795", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2017/dsa-3795", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kb.isc.org/docs/aa-01453", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "BIND 9", vendor: "ISC", versions: [ { status: "affected", version: "BIND 9 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1", }, ], }, ], configurations: [ { lang: "en", value: "Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition.", }, ], credits: [ { lang: "en", value: "ISC would like to thank Ramesh Damodaran(Infoblox) and Aliaksandr Shubnik (Infoblox) for reporting the issue and assisting us in the investigation.", }, ], datePublic: "2017-02-08T00:00:00", descriptions: [ { lang: "en", value: "Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { description: "Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition. When this condition occurs, it will result in either an INSIST assertion failure (and subsequent abort) or an attempt to read through a NULL pointer. On most platforms a NULL pointer read leads to a segmentation fault (SEGFAULT), which causes the process to be terminated.\n\nOnly servers which are configured to simultaneously use both Response Policy Zones (RPZ) and DNS64 (a method for synthesizing AAAA records from A records) can be affected by this vulnerability.", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-01-17T10:57:01", orgId: "404fd4d2-a609-4245-b543-2c944a302a22", shortName: "isc", }, references: [ { name: "GLSA-201708-01", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201708-01", }, { name: "RHSA-2017:0276", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0276.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20180926-0005/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us", }, { name: "96150", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/96150", }, { name: "1037801", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1037801", }, { name: "DSA-3795", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2017/dsa-3795", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kb.isc.org/docs/aa-01453", }, ], solutions: [ { lang: "en", value: "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P6\n BIND 9 version 9.10.4-P6\n BIND 9 version 9.11.0-P3\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S8", }, ], source: { discovery: "EXTERNAL", }, title: "Combination of DNS64 and RPZ Can Lead to Crash", workarounds: [ { lang: "en", value: "While it is possible to avoid the condition by removing either DNS64 or RPZ from the configuration, or by carefully restricting the contents of the policy zone, for an affected configuration the most practical and safest course of action is to upgrade to a version of BIND without this vulnerability.", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-officer@isc.org", DATE_PUBLIC: "2017-02-08T00:00:00.000Z", ID: "CVE-2017-3135", STATE: "PUBLIC", TITLE: "Combination of DNS64 and RPZ Can Lead to Crash", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "BIND 9", version: { version_data: [ { version_name: "BIND 9", version_value: "9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1", }, ], }, }, ], }, vendor_name: "ISC", }, ], }, }, configuration: [ { lang: "en", value: "Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition.", }, ], credit: [ { lang: "eng", value: "ISC would like to thank Ramesh Damodaran(Infoblox) and Aliaksandr Shubnik (Infoblox) for reporting the issue and assisting us in the investigation.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Servers utilizing both DNS64 and RPZ are potentially susceptible to encountering this condition. When this condition occurs, it will result in either an INSIST assertion failure (and subsequent abort) or an attempt to read through a NULL pointer. On most platforms a NULL pointer read leads to a segmentation fault (SEGFAULT), which causes the process to be terminated.\n\nOnly servers which are configured to simultaneously use both Response Policy Zones (RPZ) and DNS64 (a method for synthesizing AAAA records from A records) can be affected by this vulnerability.", }, ], }, ], }, references: { reference_data: [ { name: "GLSA-201708-01", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201708-01", }, { name: "RHSA-2017:0276", refsource: "REDHAT", url: "http://rhn.redhat.com/errata/RHSA-2017-0276.html", }, { name: "https://security.netapp.com/advisory/ntap-20180926-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20180926-0005/", }, { name: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us", refsource: "CONFIRM", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us", }, { name: "96150", refsource: "BID", url: "http://www.securityfocus.com/bid/96150", }, { name: "1037801", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1037801", }, { name: "DSA-3795", refsource: "DEBIAN", url: "https://www.debian.org/security/2017/dsa-3795", }, { name: "https://kb.isc.org/docs/aa-01453", refsource: "CONFIRM", url: "https://kb.isc.org/docs/aa-01453", }, ], }, solution: [ { lang: "en", value: "Upgrade to the patched release most closely related to your current version of BIND. These can all be downloaded from http://www.isc.org/downloads.\n\n BIND 9 version 9.9.9-P6\n BIND 9 version 9.10.4-P6\n BIND 9 version 9.11.0-P3\n\nBIND Supported Preview Edition is a special feature preview branch of BIND provided to eligible ISC support customers.\n\n BIND 9 version 9.9.9-S8", }, ], source: { discovery: "EXTERNAL", }, work_around: [ { lang: "en", value: "While it is possible to avoid the condition by removing either DNS64 or RPZ from the configuration, or by carefully restricting the contents of the policy zone, for an affected configuration the most practical and safest course of action is to upgrade to a version of BIND without this vulnerability.", }, ], }, }, }, cveMetadata: { assignerOrgId: "404fd4d2-a609-4245-b543-2c944a302a22", assignerShortName: "isc", cveId: "CVE-2017-3135", datePublished: "2019-01-16T20:00:00Z", dateReserved: "2016-12-02T00:00:00", dateUpdated: "2024-09-16T17:53:49.488Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2018-3627 (GCVE-0-2018-3627)
Vulnerability from cvelistv5
Published
2018-07-10 21:00
Modified
2024-08-05 04:50
Severity ?
EPSS score ?
Summary
Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html | x_refsource_CONFIRM | |
| https://security.netapp.com/advisory/ntap-20190327-0006/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel Converged Security Management Engine (Intel CSME) |
Version: 11.x |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T04:50:30.378Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190327-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Intel Converged Security Management Engine (Intel CSME)", vendor: "Intel Corporation", versions: [ { status: "affected", version: "11.x", }, ], }, ], datePublic: "2018-07-10T00:00:00", descriptions: [ { lang: "en", value: "Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.", }, ], problemTypes: [ { descriptions: [ { description: "Elevation of Privilege", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-03-27T18:06:08", orgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", shortName: "intel", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190327-0006/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@intel.com", ID: "CVE-2018-3627", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Intel Converged Security Management Engine (Intel CSME)", version: { version_data: [ { version_value: "11.x", }, ], }, }, ], }, vendor_name: "Intel Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Elevation of Privilege", }, ], }, ], }, references: { reference_data: [ { name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", refsource: "CONFIRM", url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", }, { name: "https://security.netapp.com/advisory/ntap-20190327-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190327-0006/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "6dda929c-bb53-4a77-a76d-48e79601a1ce", assignerShortName: "intel", cveId: "CVE-2018-3627", datePublished: "2018-07-10T21:00:00", dateReserved: "2017-12-28T00:00:00", dateUpdated: "2024-08-05T04:50:30.378Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
CVE-2019-5489 (GCVE-0-2019-5489)
Vulnerability from cvelistv5
Published
2019-01-07 18:00
Modified
2024-08-04 19:54
Severity ?
EPSS score ?
Summary
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:54:53.490Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "106478", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/106478", }, { name: "openSUSE-SU-2019:1479", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { name: "DSA-4465", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4465", }, { name: "[debian-lts-announce] 20190617 [SECURITY] [DLA 1823-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html", }, { name: "[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { name: "openSUSE-SU-2019:1570", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html", }, { name: "20190618 [SECURITY] [DSA 4465-1] linux security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Jun/26", }, { name: "openSUSE-SU-2019:1579", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html", }, { name: "RHSA-2019:2043", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2043", }, { name: "RHSA-2019:2029", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2029", }, { name: "RHSA-2019:2473", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2473", }, { name: "RHSA-2019:2808", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2808", }, { name: "RHSA-2019:2837", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2837", }, { name: "RHSA-2019:2809", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2809", }, { name: "RHSA-2019:3309", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { name: "RHSA-2019:3517", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { name: "RHSA-2019:3967", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:3967", }, { name: "RHSA-2019:4058", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:4058", }, { name: "RHSA-2019:4057", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:4057", }, { name: "RHSA-2019:4056", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:4056", }, { name: "RHSA-2019:4159", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:4159", }, { name: "RHSA-2019:4164", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:4164", }, { name: "RHSA-2019:4255", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:4255", }, { name: "RHSA-2020:0204", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2020:0204", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1120843", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://arxiv.org/abs/1901.01161", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190307-0001/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-en", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2019-01-07T00:00:00", descriptions: [ { lang: "en", value: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-15T02:23:05", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "106478", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/106478", }, { name: "openSUSE-SU-2019:1479", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { name: "DSA-4465", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4465", }, { name: "[debian-lts-announce] 20190617 [SECURITY] [DLA 1823-1] linux security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html", }, { name: "[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { name: "openSUSE-SU-2019:1570", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html", }, { name: "20190618 [SECURITY] [DSA 4465-1] linux security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Jun/26", }, { name: "openSUSE-SU-2019:1579", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html", }, { name: "RHSA-2019:2043", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2043", }, { name: "RHSA-2019:2029", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2029", }, { name: "RHSA-2019:2473", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2473", }, { name: "RHSA-2019:2808", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2808", }, { name: "RHSA-2019:2837", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2837", }, { name: "RHSA-2019:2809", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2809", }, { name: "RHSA-2019:3309", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { name: "RHSA-2019:3517", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { name: "RHSA-2019:3967", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:3967", }, { name: "RHSA-2019:4058", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:4058", }, { name: "RHSA-2019:4057", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:4057", }, { name: "RHSA-2019:4056", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:4056", }, { name: "RHSA-2019:4159", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:4159", }, { name: "RHSA-2019:4164", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:4164", }, { name: "RHSA-2019:4255", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:4255", }, { name: "RHSA-2020:0204", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2020:0204", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1120843", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e", }, { tags: [ "x_refsource_MISC", ], url: "https://arxiv.org/abs/1901.01161", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190307-0001/", }, { tags: [ "x_refsource_MISC", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-en", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-5489", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "106478", refsource: "BID", url: "http://www.securityfocus.com/bid/106478", }, { name: "openSUSE-SU-2019:1479", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { name: "DSA-4465", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4465", }, { name: "[debian-lts-announce] 20190617 [SECURITY] [DLA 1823-1] linux security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html", }, { name: "[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { name: "openSUSE-SU-2019:1570", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html", }, { name: "20190618 [SECURITY] [DSA 4465-1] linux security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Jun/26", }, { name: "openSUSE-SU-2019:1579", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html", }, { name: "RHSA-2019:2043", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2043", }, { name: "RHSA-2019:2029", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2029", }, { name: "RHSA-2019:2473", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2473", }, { name: "RHSA-2019:2808", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2808", }, { name: "RHSA-2019:2837", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2837", }, { name: "RHSA-2019:2809", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2809", }, { name: "RHSA-2019:3309", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { name: "RHSA-2019:3517", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { name: "RHSA-2019:3967", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:3967", }, { name: "RHSA-2019:4058", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:4058", }, { name: "RHSA-2019:4057", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:4057", }, { name: "RHSA-2019:4056", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:4056", }, { name: "RHSA-2019:4159", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:4159", }, { name: "RHSA-2019:4164", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:4164", }, { name: "RHSA-2019:4255", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:4255", }, { name: "RHSA-2020:0204", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2020:0204", }, { name: "https://www.oracle.com/security-alerts/cpujul2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { name: "https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/", refsource: "MISC", url: "https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/", }, { name: "https://bugzilla.suse.com/show_bug.cgi?id=1120843", refsource: "MISC", url: "https://bugzilla.suse.com/show_bug.cgi?id=1120843", }, { name: "https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e", refsource: "MISC", url: "https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e", }, { name: "https://arxiv.org/abs/1901.01161", refsource: "MISC", url: "https://arxiv.org/abs/1901.01161", }, { name: "https://security.netapp.com/advisory/ntap-20190307-0001/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190307-0001/", }, { name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e", refsource: "MISC", url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e", }, { name: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-en", refsource: "CONFIRM", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-en", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-5489", datePublished: "2019-01-07T18:00:00", dateReserved: "2019-01-07T00:00:00", dateUpdated: "2024-08-04T19:54:53.490Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2019-03-21 16:01
Modified
2024-11-21 04:47
Severity ?
Summary
The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| opensuse | leap | 15.0 | |
| fedoraproject | fedora | 28 | |
| fedoraproject | fedora | 29 | |
| debian | debian_linux | 8.0 | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 18.10 | |
| netapp | active_iq_performance_analytics_services | - | |
| netapp | element_software_management_node | - | |
| redhat | openshift_container_platform | 3.11 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "0D5DDB30-49C4-4789-9AE3-88BB9B68C5F0", versionEndIncluding: "4.20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", matchCriteriaId: "07C312A0-CD2C-4B9C-B064-6409B25C278F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*", matchCriteriaId: "83077160-BB98-408B-81F0-8EF9E566BF28", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "E902EEC6-9A41-4FBC-8D81-891DF846A5CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", matchCriteriaId: "2F87326E-0B56-4356-A889-73D026DB1D4B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.", }, { lang: "es", value: "La implementación KVM en el kernel de Linux, hasta la versión 4.20.5, tiene un uso de memoria previamente liberada.", }, ], id: "CVE-2019-7221", lastModified: "2024-11-21T04:47:46.850", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-21T16:01:10.890", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/02/18/2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:0959", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0818", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0833", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:3967", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:4058", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1760", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commits/master/arch/x86/kvm", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { source: "cve@mitre.org", url: "https://support.f5.com/csp/article/K08413011", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3930-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3930-2/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3931-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3931-2/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3932-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3932-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/151713/KVM-VMX-Preemption-Timer-Use-After-Free.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/02/18/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:0959", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0818", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0833", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:3967", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:4058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1760", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commits/master/arch/x86/kvm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K08413011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3930-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3930-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3931-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3931-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3932-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3932-2/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-21 16:00
Modified
2024-11-21 03:58
Severity ?
Summary
The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| debian | debian_linux | 8.0 | |
| netapp | active_iq_performance_analytics_services | - | |
| netapp | element_software_management_node | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "0AA82BBC-BEEA-49BB-A5A2-EE6D3B9FBBF8", versionEndIncluding: "4.19.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*", matchCriteriaId: "83077160-BB98-408B-81F0-8EF9E566BF28", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "E902EEC6-9A41-4FBC-8D81-891DF846A5CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.", }, { lang: "es", value: "La función hso_get_config_data en drivers/net/usb/hso.c en el kernel de Linux, hasta la versión 4.19.8, lee if_num desde el dispositivo USB (como un u8) y lo emplea para indexar un array pequeño, lo que resulta en una lectura de objetos fuera de límites (OOB) que podría permitir la lectura arbitraria en el espacio de direcciones del kernel.", }, ], id: "CVE-2018-19985", lastModified: "2024-11-21T03:58:56.517", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "NONE", baseScore: 4.6, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 0.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-21T16:00:33.373", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Release Notes", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00023.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Release Notes", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00007.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/151420/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://hexhive.epfl.ch/projects/perifuzz/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jan/52", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { source: "cve@mitre.org", url: "https://usn.ubuntu.com/4115-1/", }, { source: "cve@mitre.org", url: "https://usn.ubuntu.com/4118-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Release Notes", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-01/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Release Notes", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00007.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/151420/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://hexhive.epfl.ch/projects/perifuzz/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Jan/52", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://usn.ubuntu.com/4115-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://usn.ubuntu.com/4118-1/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-10-17 18:15
Modified
2024-11-21 04:26
Severity ?
Summary
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*", matchCriteriaId: "07F52D32-AC76-42B8-B59F-57D5E36010CB", versionEndExcluding: "1.8.28", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "E902EEC6-9A41-4FBC-8D81-891DF846A5CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*", matchCriteriaId: "064E7BDD-4EF0-4A0D-A38D-8C75BAFEDCEF", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:virtualization:4.2:*:*:*:*:*:*:*", matchCriteriaId: "D8C66E6D-8AD2-4709-BD18-ED9EAF9D8546", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", matchCriteriaId: "92BC9265-6959-4D37-BE5E-8C45E98992F8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "831F0F47-3565-4763-B16F-C87B1FF2035E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "0E3F09B5-569F-4C58-9FCA-3C0953D107B5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", matchCriteriaId: "54D669D4-6D7E-449D-80C1-28FA44F06FFE", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", matchCriteriaId: "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", matchCriteriaId: "16E6D998-B41D-4B49-9E00-8336D2E40A4A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "7431ABC1-9252-419E-8CC1-311B41360078", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "6897676D-53F9-45B3-B27F-7FF9A4C58D33", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "E28F226A-CBC7-4A32-BE58-398FA5B42481", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", matchCriteriaId: "6755B6AD-0422-467B-8115-34A60B1D1A40", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D5F7E11E-FB34-4467-8919-2B6BEAABF665", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", matchCriteriaId: "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "B09ACF2D-D83F-4A86-8185-9569605D8EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "AC10D919-57FD-4725-B8D2-39ECB476902F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a \"sudo -u \\#$((0xffffffff))\" command.", }, { lang: "es", value: "En Sudo anteriores a 1.8.28, un atacante con acceso a una cuenta Runas ALL sudoer puede omitir ciertas listas negras de políticas y módulos PAM de sesión, y puede causar un registro incorrecto, mediante la invocación sudo con un ID de usuario creado. Por ejemplo, esto permite la omisión de la configuración root y el registro USER= para un comando \"sudo -u \\#$((0xffffffff))\".", }, ], id: "CVE-2019-14287", lastModified: "2024-11-21T04:26:22.577", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-17T18:15:12.330", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/10/14/1", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/10/24/1", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/10/29/3", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:3248", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3197", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3204", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3205", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3209", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3219", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3278", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3694", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3754", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3755", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3895", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3916", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3941", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:4191", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0388", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/10/msg00022.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IP7SIOAVLSKJGMTIULX52VQUPTVSC43U/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPLAM57TPJQGKQMNG6RHFBLACD6K356N/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUVAOZBYUHZS56A5FQSCDVGXT7PW7FL2/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Oct/20", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Oct/21", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-12", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191017-0003/", }, { source: "cve@mitre.org", url: "https://support.f5.com/csp/article/K53746212?utm_source=f5support&%3Butm_medium=RSS", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4154-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4543", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2019/10/15/2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "https://www.sudo.ws/alerts/minus_1_uid.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/10/14/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/10/24/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/10/29/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2021/09/14/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHBA-2019:3248", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3197", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3204", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3205", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3209", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3219", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3278", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3694", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3754", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3755", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3895", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3916", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3941", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:4191", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2020:0388", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/10/msg00022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IP7SIOAVLSKJGMTIULX52VQUPTVSC43U/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPLAM57TPJQGKQMNG6RHFBLACD6K356N/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUVAOZBYUHZS56A5FQSCDVGXT7PW7FL2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Oct/20", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Oct/21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202003-12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20191017-0003/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K53746212?utm_source=f5support&%3Butm_medium=RSS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4154-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4543", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2019/10/15/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://www.sudo.ws/alerts/minus_1_uid.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-755", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-01-07 17:29
Modified
2024-11-21 04:45
Severity ?
Summary
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| netapp | active_iq_performance_analytics_services | - | |
| netapp | element_software_management_node | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "FE279FFB-2E93-4DB8-B46B-C16E88F9941D", versionEndIncluding: "4.19.13", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*", matchCriteriaId: "83077160-BB98-408B-81F0-8EF9E566BF28", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "E902EEC6-9A41-4FBC-8D81-891DF846A5CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.", }, { lang: "es", value: "La implementación mincore() en mm/mincore.c en el kernel de Linux hasta la versión 4.19.13 permitía a los atacantes observar patrones de acceso a las páginas de caché de otros procesos en el mismo sistema, permitiendo el esnifado de información secreta. (Su arreglo afecta a la salida del programa fincore.) Puede ser posible una explotación remota limitada, tal y como queda demostrado con las diferencias en latencia a la hora de acceder a archivos públicos desde un servidor Apache HHTP.", }, ], id: "CVE-2019-5489", lastModified: "2024-11-21T04:45:02.283", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-07T17:29:00.470", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html", }, { source: "cve@mitre.org", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-en", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106478", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:2029", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:2043", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:2473", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:2808", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:2809", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:2837", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:3967", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:4056", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:4057", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:4058", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:4159", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:4164", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2019:4255", }, { source: "cve@mitre.org", url: "https://access.redhat.com/errata/RHSA-2020:0204", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://arxiv.org/abs/1901.01161", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1120843", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { source: "cve@mitre.org", url: "https://seclists.org/bugtraq/2019/Jun/26", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190307-0001/", }, { source: "cve@mitre.org", url: "https://www.debian.org/security/2019/dsa-4465", }, { source: "cve@mitre.org", url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "cve@mitre.org", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-en", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106478", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:2029", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:2043", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:2473", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:2808", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:2809", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:2837", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:3967", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:4056", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:4057", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:4058", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:4159", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:4164", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:4255", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2020:0204", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://arxiv.org/abs/1901.01161", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1120843", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Jun/26", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190307-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4465", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/security-alerts/cpujul2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Third Party Advisory", ], url: "https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-319", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-01-16 20:29
Modified
2024-11-21 03:24
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| isc | bind | 9.9.3 | |
| isc | bind | 9.9.3 | |
| isc | bind | 9.9.8 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.9 | |
| isc | bind | 9.9.10 | |
| isc | bind | 9.10.0 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.4 | |
| isc | bind | 9.10.5 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.0 | |
| isc | bind | 9.11.1 | |
| redhat | enterprise_linux_desktop | 7.0 | |
| redhat | enterprise_linux_server | 7.0 | |
| redhat | enterprise_linux_server_aus | 7.3 | |
| redhat | enterprise_linux_server_aus | 7.4 | |
| redhat | enterprise_linux_server_aus | 7.6 | |
| redhat | enterprise_linux_server_eus | 7.3 | |
| redhat | enterprise_linux_server_eus | 7.4 | |
| redhat | enterprise_linux_server_eus | 7.5 | |
| redhat | enterprise_linux_server_eus | 7.6 | |
| redhat | enterprise_linux_server_tus | 7.3 | |
| redhat | enterprise_linux_server_tus | 7.6 | |
| redhat | enterprise_linux_workstation | 7.0 | |
| netapp | data_ontap_edge | - | |
| netapp | element_software_management_node | - | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:isc:bind:9.9.3:*:*:*:*:*:*:*", matchCriteriaId: "2A7BE793-7717-4019-8F50-158C309E48B2", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.3:s1:*:*:*:*:*:*", matchCriteriaId: "FCC182A9-5989-4A87-A3BA-F1CFAEDC95E2", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.8:*:*:*:*:*:*:*", matchCriteriaId: "3AF19353-E509-4864-ADDD-39F3012A262B", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.9:p5:*:*:*:*:*:*", matchCriteriaId: "012A3C08-2A0F-4168-9DE0-F609707E4C2E", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.9:s7:*:*:*:*:*:*", matchCriteriaId: "7132A53F-7DF2-4B79-AC86-75A0C73843B4", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.9.10:beta1:*:*:*:*:*:*", matchCriteriaId: "9C8F0163-FF32-44E0-B05C-F89263CD56A7", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.0:*:*:*:*:*:*:*", matchCriteriaId: "92ECA27E-4248-49BD-A84C-4854CCA19AC5", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.4:p1:*:*:*:*:*:*", matchCriteriaId: "BB2D2132-62E8-4E73-A0BF-4790DAFC5558", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.4:p2:*:*:*:*:*:*", matchCriteriaId: "E253BD9F-25B8-42E7-BEAB-E843381ED155", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.4:p3:*:*:*:*:*:*", matchCriteriaId: "6B5E42E5-27C6-4D6F-B7DC-903B10BF2017", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.4:p4:*:*:*:*:*:*", matchCriteriaId: "7E211374-A4F5-41D4-A89E-E6522E9D0DFB", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.4:p5:*:*:*:*:*:*", matchCriteriaId: "21CC7BA7-6D75-4561-ACF3-F1F61A0CBA62", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.10.5:beta1:*:*:*:*:*:*", matchCriteriaId: "278142AB-9CE9-4DAC-A0C5-A3E05A715829", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.11.0:*:*:*:*:*:*:*", matchCriteriaId: "3160C5ED-75EA-47B2-998E-EDFC46B37DDA", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.11.0:p1:*:*:*:*:*:*", matchCriteriaId: "086C327B-DF9F-4D4E-A538-1E29FEDC34C5", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.11.0:p2:*:*:*:*:*:*", matchCriteriaId: "1440B408-76B6-4FA7-899D-E28049A37704", vulnerable: true, }, { criteria: "cpe:2.3:a:isc:bind:9.11.1:beta1:*:*:*:*:*:*", matchCriteriaId: "CE6ED392-74B9-487E-83B0-ECAAEEAB3AB3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "D99A687E-EAE6-417E-A88E-D0082BC194CD", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "A8442C20-41F9-47FD-9A12-E724D3A31FD7", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", matchCriteriaId: "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", matchCriteriaId: "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:data_ontap_edge:-:*:*:*:*:*:*:*", matchCriteriaId: "E0C4B1E5-75BF-43AE-BBAC-0DD4124C71ED", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "E902EEC6-9A41-4FBC-8D81-891DF846A5CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Under some conditions when using both DNS64 and RPZ to rewrite query responses, query processing can resume in an inconsistent state leading to either an INSIST assertion failure or an attempt to read through a NULL pointer. Affects BIND 9.8.8, 9.9.3-S1 -> 9.9.9-S7, 9.9.3 -> 9.9.9-P5, 9.9.10b1, 9.10.0 -> 9.10.4-P5, 9.10.5b1, 9.11.0 -> 9.11.0-P2, 9.11.1b1.", }, { lang: "es", value: "En ciertas condiciones, al emplear DNS64 y RPZ para rescribir respuestas a consultas, el procesamiento de consultas puede continuar de forma inconsistente, lo que puede conducir a un fallo de aserción de INSIST o a un intento para leer a través de un puntero NULL. Afecta a BIND en su versión 9.8.8, desde la versión 9.9.3-S1 hasta la 9.9.9-S7, desde la versión 9.9.3 hasta la 9.9.9-P5, la versión 9.9.10b1, desde la versión 9.10.0 hasta la 9.10.4-P5, la versión 9.10.5b1, desde la versión 9.11.0 hasta la 9.11.0-P2 y a la versión 9.11.1b1.", }, ], id: "CVE-2017-3135", lastModified: "2024-11-21T03:24:54.283", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "security-officer@isc.org", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-01-16T20:29:00.283", references: [ { source: "security-officer@isc.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0276.html", }, { source: "security-officer@isc.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/96150", }, { source: "security-officer@isc.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1037801", }, { source: "security-officer@isc.org", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us", }, { source: "security-officer@isc.org", tags: [ "Vendor Advisory", ], url: "https://kb.isc.org/docs/aa-01453", }, { source: "security-officer@isc.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201708-01", }, { source: "security-officer@isc.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180926-0005/", }, { source: "security-officer@isc.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2017/dsa-3795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2017-0276.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/96150", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1037801", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03747en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://kb.isc.org/docs/aa-01453", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201708-01", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20180926-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2017/dsa-3795", }, ], sourceIdentifier: "security-officer@isc.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-10 21:29
Modified
2024-11-21 04:05
Severity ?
Summary
Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*", matchCriteriaId: "13808A7B-9416-4D3A-9437-A6011706B072", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i3:6006u:*:*:*:*:*:*:*", matchCriteriaId: "B6B859F7-0373-4ADD-92B3-0FAB42FCF23C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6098p:*:*:*:*:*:*:*", matchCriteriaId: "AAC76F31-00A5-4719-AA50-92F773919B3C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6100:*:*:*:*:*:*:*", matchCriteriaId: "49996F5A-51B2-4D4E-AE04-E98E093A76CC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6100e:*:*:*:*:*:*:*", matchCriteriaId: "9F8406B0-D1E5-4633-B17E-53DC99FE7622", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6100h:*:*:*:*:*:*:*", matchCriteriaId: "3D49435C-7C33-454B-9F43-9C10F28A28A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6100t:*:*:*:*:*:*:*", matchCriteriaId: "D17E1A0F-1150-4899-81BC-BE84E4EF5FA3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6100te:*:*:*:*:*:*:*", matchCriteriaId: "EADD98AE-BAB0-440D-AB9F-2D76BE5109E2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6100u:*:*:*:*:*:*:*", matchCriteriaId: "ED44A404-8548-4EDC-8928-4094D05A6A38", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6102e:*:*:*:*:*:*:*", matchCriteriaId: "3A6E4AA3-BEBC-4B14-9A52-A8F8B2954D64", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6157u:*:*:*:*:*:*:*", matchCriteriaId: "D2AAD8F0-0D31-4806-8A88-A30E5BE43630", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6167u:*:*:*:*:*:*:*", matchCriteriaId: "8164EE5F-6ABA-4365-8718-2F98C2E57A0F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6300:*:*:*:*:*:*:*", matchCriteriaId: "C7110AF9-A407-4EE2-9C46-E5F1E3638E9A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6300t:*:*:*:*:*:*:*", matchCriteriaId: "2A06696D-37F0-427D-BFC5-1606E7441C31", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:6320:*:*:*:*:*:*:*", matchCriteriaId: "E9F8A5FC-5EFE-42EC-A49B-D3A312FB5F6F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7020u:*:*:*:*:*:*:*", matchCriteriaId: "A54EC3F7-0B8C-46CE-A8C7-4BB61B355843", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7100:*:*:*:*:*:*:*", matchCriteriaId: "233009BD-0DEC-405C-AD1A-B58AEB48B0DC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7100e:*:*:*:*:*:*:*", matchCriteriaId: "D332B6F4-DB19-4E02-A2B6-23D7235BCAB0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7100h:*:*:*:*:*:*:*", matchCriteriaId: "A3D29927-72F4-4AF9-B096-57DB2712FBE1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7100t:*:*:*:*:*:*:*", matchCriteriaId: "BA5AE231-F198-49EC-8A97-FF250A742840", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7100u:*:*:*:*:*:*:*", matchCriteriaId: "22A6603F-9646-4220-BFCB-81266F1FC60E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7101e:*:*:*:*:*:*:*", matchCriteriaId: "68E25472-7F96-425C-87DD-D1835B12589E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7101te:*:*:*:*:*:*:*", matchCriteriaId: "09253F55-3355-44C1-862C-9A6DAD5C461C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7102e:*:*:*:*:*:*:*", matchCriteriaId: "32CAE041-761F-4D81-B075-D3E567CFFE94", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7130u:*:*:*:*:*:*:*", matchCriteriaId: "843E440C-3847-4B13-BB0C-E0C282853850", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7167u:*:*:*:*:*:*:*", matchCriteriaId: "BEB1AF20-A65B-45F7-8C60-3475A640E2FC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7300:*:*:*:*:*:*:*", matchCriteriaId: "154B92C1-04B9-459D-9FC7-6EA1E09CE12C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7300t:*:*:*:*:*:*:*", matchCriteriaId: "2E0F9407-BCB5-4F50-8D54-74389DA58E15", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7320:*:*:*:*:*:*:*", matchCriteriaId: "60F6B441-537F-4255-9BC6-CE807B46DC55", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:7350k:*:*:*:*:*:*:*", matchCriteriaId: "CE7EFD6E-5954-4041-8245-0AB2D45E583F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8100:*:*:*:*:*:*:*", matchCriteriaId: "68A76015-0A05-4EC7-B136-DC13B55D881F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8100h:*:*:*:*:*:*:*", matchCriteriaId: "0DA0AF32-485E-418D-B3F5-F7207CF17E4A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8100t:*:*:*:*:*:*:*", matchCriteriaId: "353CB864-53C3-4BC3-B02A-38FEE42BDBCC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8109u:*:*:*:*:*:*:*", matchCriteriaId: "3A649B47-E110-4C6C-AE60-13DB543CFE29", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8130u:*:*:*:*:*:*:*", matchCriteriaId: "02377127-6C03-4FED-BB51-555B8E0DB223", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8145u:*:*:*:*:*:*:*", matchCriteriaId: "07CCBA16-2DC6-43D5-BFF2-550C749DB54E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8300:*:*:*:*:*:*:*", matchCriteriaId: "100127DD-4981-46D3-95A7-D5C0585F097E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8300t:*:*:*:*:*:*:*", matchCriteriaId: "1228D0D5-8708-4D2A-AEC2-52D6BEFF5AF4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i3:8350k:*:*:*:*:*:*:*", matchCriteriaId: "C352DCE8-E8D9-40D3-AFE9-B5FB84F7ED33", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*", matchCriteriaId: "13808A7B-9416-4D3A-9437-A6011706B072", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i5:7y54:*:*:*:*:*:*:*", matchCriteriaId: "8E0195D5-380D-401F-92EB-37AEA34E7478", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7y57:*:*:*:*:*:*:*", matchCriteriaId: "0E6AB8D9-FEA0-4830-941B-A2605830ADD0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6200u:*:*:*:*:*:*:*", matchCriteriaId: "0FC246FE-4CA6-4B2D-83C3-D50A386C24A0", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6260u:*:*:*:*:*:*:*", matchCriteriaId: "758A14DB-1BAF-442A-BA7C-5E9C67847BEA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6267u:*:*:*:*:*:*:*", matchCriteriaId: "61309100-CFA7-4607-A236-8910838AA057", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6287u:*:*:*:*:*:*:*", matchCriteriaId: "82D76265-7BD0-4C51-AE77-22B22524DE81", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6300hq:*:*:*:*:*:*:*", matchCriteriaId: "DE38B195-BB8D-4747-881D-E8033760B4C8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6300u:*:*:*:*:*:*:*", matchCriteriaId: "1AA8BE76-168D-48A3-8DF6-E91F44600408", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6350hq:*:*:*:*:*:*:*", matchCriteriaId: "3B656975-5D71-4712-9820-BDB7BC248AFA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6360u:*:*:*:*:*:*:*", matchCriteriaId: "FA045267-114D-4587-B6D7-E273C28DC9B1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6400:*:*:*:*:*:*:*", matchCriteriaId: "77018415-E122-406E-896D-1BC6CF790BE3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6400t:*:*:*:*:*:*:*", matchCriteriaId: "3ADF37F1-546B-4EF0-8DEC-DC3B9F5309FF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6402p:*:*:*:*:*:*:*", matchCriteriaId: "D7469256-1A64-46FF-8F5A-A8E9E3CF5BE5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6440eq:*:*:*:*:*:*:*", matchCriteriaId: "7F9069B9-9FE3-4AD5-9A8E-55C0F73BD756", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6440hq:*:*:*:*:*:*:*", matchCriteriaId: "F4E1C012-3E05-44DB-B6D2-BFD619C034B4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6442eq:*:*:*:*:*:*:*", matchCriteriaId: "15D689D6-8594-42F2-8EEF-DCAEBA885A67", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6500:*:*:*:*:*:*:*", matchCriteriaId: "A6446000-0494-4DC5-ABAA-F20A44546068", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6500t:*:*:*:*:*:*:*", matchCriteriaId: "99B94EEC-6690-45D0-B086-F4A5B25C25CB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6500te:*:*:*:*:*:*:*", matchCriteriaId: "8B767B6E-B3E6-4424-97A6-89A7E7EB0EEB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6585r:*:*:*:*:*:*:*", matchCriteriaId: "832AB3CD-E3A1-4CCB-A210-287973563D0E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6600:*:*:*:*:*:*:*", matchCriteriaId: "5A26C0CC-68AD-40F5-96B8-87E6C643F6F8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6600k:*:*:*:*:*:*:*", matchCriteriaId: "99C4221A-9994-43B3-9C7A-E13815A50A10", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6600t:*:*:*:*:*:*:*", matchCriteriaId: "20070B1D-B91C-40BA-A9D8-E80170A2933F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:6685r:*:*:*:*:*:*:*", matchCriteriaId: "A70129C9-371F-4542-A388-C095869E593A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7200u:*:*:*:*:*:*:*", matchCriteriaId: "83A2B089-EF84-4CC6-BFF6-8E74584688CD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7260u:*:*:*:*:*:*:*", matchCriteriaId: "6D2A5D20-2921-4FA2-B62F-01A6A2957D7B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7267u:*:*:*:*:*:*:*", matchCriteriaId: "5427051C-F785-4190-86E4-7F6E226968B4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7287u:*:*:*:*:*:*:*", matchCriteriaId: "B4E5D44F-183D-4B1B-8ACF-6954A834B63A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7300hq:*:*:*:*:*:*:*", matchCriteriaId: "96AEABB2-D597-4126-AEA2-D67117E86962", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7300u:*:*:*:*:*:*:*", matchCriteriaId: "1E84AC40-E06A-42B9-B125-E7263A191702", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7360u:*:*:*:*:*:*:*", matchCriteriaId: "F1869D54-7B07-400D-8941-59DE0FE4127D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7400:*:*:*:*:*:*:*", matchCriteriaId: "A27F73DD-FDC1-4A7B-85B1-543FFB036CCC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7400t:*:*:*:*:*:*:*", matchCriteriaId: "AEC66A91-0BA2-4073-B4B7-E8354B3D2409", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7440eq:*:*:*:*:*:*:*", matchCriteriaId: "CAD36097-3356-49B6-93A4-B6AC9203C2A9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7440hq:*:*:*:*:*:*:*", matchCriteriaId: "9C0CE988-82FB-4412-AF06-91A1E056FD0B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7442eq:*:*:*:*:*:*:*", matchCriteriaId: "799CBCB6-5345-433A-9D2A-B36A86178982", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7500:*:*:*:*:*:*:*", matchCriteriaId: "BE27EBE2-D4BD-412C-8DB0-C30DF71E5788", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7500t:*:*:*:*:*:*:*", matchCriteriaId: "16F2AE62-2E44-4F70-B790-1D5399DF61A7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7600:*:*:*:*:*:*:*", matchCriteriaId: "1EBF09B5-A51E-4579-A5E4-3B755CDDB737", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7600k:*:*:*:*:*:*:*", matchCriteriaId: "3F4D20EC-92C4-4BB3-8F13-540AAA001E9F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:7600t:*:*:*:*:*:*:*", matchCriteriaId: "7AC49B2C-12AB-463F-AB13-7C9A9E381014", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8200y:*:*:*:*:*:*:*", matchCriteriaId: "A529E849-E1FD-4BD1-A6A5-377F79FE26D2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8250u:*:*:*:*:*:*:*", matchCriteriaId: "6C4DE25F-168A-4C67-8B66-09F61F072BD4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8259u:*:*:*:*:*:*:*", matchCriteriaId: "11ED2E75-9BCD-4F52-A610-E50A5DA24A8E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8265u:*:*:*:*:*:*:*", matchCriteriaId: "A216FA06-4E47-4105-8ADE-956F887AFC6B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8269u:*:*:*:*:*:*:*", matchCriteriaId: "137DECAA-074A-4FEC-A633-FE3836E0D32B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8300h:*:*:*:*:*:*:*", matchCriteriaId: "80C307EB-64E4-4BBE-A41A-5FE5AF197ACB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8305g:*:*:*:*:*:*:*", matchCriteriaId: "EDD1091D-CDD9-41C0-A8D8-19B8ECAA672F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8350u:*:*:*:*:*:*:*", matchCriteriaId: "58157F24-D89E-4552-8CE6-2F01E98BD1E5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8400:*:*:*:*:*:*:*", matchCriteriaId: "BC7FFD78-1E1C-4246-BBD3-73FAC06AA46B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8400b:*:*:*:*:*:*:*", matchCriteriaId: "328F854B-3716-47D9-BE70-765DE3689DAC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8400h:*:*:*:*:*:*:*", matchCriteriaId: "D179F530-F642-444C-8184-3770FA8A338E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8400t:*:*:*:*:*:*:*", matchCriteriaId: "CB237F89-7405-46F7-972E-81A3B78631BA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8500:*:*:*:*:*:*:*", matchCriteriaId: "6BA4C4C2-0DC2-46FA-89E9-38F632DACB4C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8500b:*:*:*:*:*:*:*", matchCriteriaId: "017FA232-935C-4096-8087-5F90147589C2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8500t:*:*:*:*:*:*:*", matchCriteriaId: "131FA189-EAB5-4D51-AFD8-7AD03D4E0DE7", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8600:*:*:*:*:*:*:*", matchCriteriaId: "7C86118F-42C7-4F7E-B156-AA7AC53BE96B", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8600k:*:*:*:*:*:*:*", matchCriteriaId: "45ACBBEA-EC95-4F3E-B585-893DB6D21A0F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i5:8600t:*:*:*:*:*:*:*", matchCriteriaId: "E2EFD9AB-6FF2-4C90-AF14-510B16F41C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*", matchCriteriaId: "13808A7B-9416-4D3A-9437-A6011706B072", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i7:7y75:*:*:*:*:*:*:*", matchCriteriaId: "7DEC55DF-1950-45E5-A5F2-B5604AFA1CBD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6500u:*:*:*:*:*:*:*", matchCriteriaId: "923D2D73-F953-44D2-9A25-E118136E8C5A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6560u:*:*:*:*:*:*:*", matchCriteriaId: "B219CA1A-FFBD-4434-B7FC-EFD52EBC955F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6567u:*:*:*:*:*:*:*", matchCriteriaId: "AE2AEDB1-8C35-4210-B045-69216480B384", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6600u:*:*:*:*:*:*:*", matchCriteriaId: "484C1B49-7D90-4360-BE33-C1DAB755ED89", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6650u:*:*:*:*:*:*:*", matchCriteriaId: "C08FE92E-D97F-40E1-8482-1DA777EBC785", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6660u:*:*:*:*:*:*:*", matchCriteriaId: "2EBD6720-F788-4FD7-BC7F-AAEFAA137486", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6700:*:*:*:*:*:*:*", matchCriteriaId: "08032549-991F-465D-8794-21C8ED2C98D6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6700hq:*:*:*:*:*:*:*", matchCriteriaId: "94514F41-CDCF-4EED-896E-8B5AE7360F0A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6700k:*:*:*:*:*:*:*", matchCriteriaId: "27F79141-5702-4157-8D13-FFB1C2F23FA2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6700t:*:*:*:*:*:*:*", matchCriteriaId: "114D7086-4C6D-4EE8-A2ED-7D4F63FD6A07", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6700te:*:*:*:*:*:*:*", matchCriteriaId: "FF8D239C-B3D6-4F08-AF99-E64752B72346", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6770hq:*:*:*:*:*:*:*", matchCriteriaId: "207507FE-1DC7-4569-A5A9-392290622EC9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6785r:*:*:*:*:*:*:*", matchCriteriaId: "15FC32E2-9228-4903-9F0A-AF327A1C2D36", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6820eq:*:*:*:*:*:*:*", matchCriteriaId: "FF50D5C4-DFC1-4306-B2C8-09D6788904FE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6820hk:*:*:*:*:*:*:*", matchCriteriaId: "0665FECD-A31D-4EB2-A360-CFA1E58CDEFE", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6820hq:*:*:*:*:*:*:*", matchCriteriaId: "62783CBF-1299-4045-A0D9-E95E7B385164", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6822eq:*:*:*:*:*:*:*", matchCriteriaId: "3B04C754-50CD-4C8C-B56F-A50944EE5799", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6870hq:*:*:*:*:*:*:*", matchCriteriaId: "B6A7DE62-EB8A-4C5B-B143-3892CF1EE7CA", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6920hq:*:*:*:*:*:*:*", matchCriteriaId: "23BA712E-4516-4823-8E85-6AC24BE3240F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:6970hq:*:*:*:*:*:*:*", matchCriteriaId: "7C1303D7-33B3-48AA-BD62-74984AD22AF1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7500u:*:*:*:*:*:*:*", matchCriteriaId: "6158ED8A-007E-48B7-99BF-8BA03BF584BD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7560u:*:*:*:*:*:*:*", matchCriteriaId: "DBA7096A-F321-49A0-911A-F9683ABE6E6A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7567u:*:*:*:*:*:*:*", matchCriteriaId: "6A471395-7F8F-4BA5-962D-4D8F271FAB47", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7600u:*:*:*:*:*:*:*", matchCriteriaId: "B9484380-92B9-44DB-8E20-DC8DE02D1CA6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7660u:*:*:*:*:*:*:*", matchCriteriaId: "8010808D-805D-4CA3-9EA2-55EB1E57964C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7700:*:*:*:*:*:*:*", matchCriteriaId: "9716FE9F-A056-42A3-A241-F2FE37A6386A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7700hq:*:*:*:*:*:*:*", matchCriteriaId: "F73422A3-ECA0-4C41-9AA5-CF7D77885CF6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7700k:*:*:*:*:*:*:*", matchCriteriaId: "7A96A5AF-C9EF-4DED-AE25-4540A2B02915", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7700t:*:*:*:*:*:*:*", matchCriteriaId: "D5115B12-053A-4866-A833-D6EC88D8F93E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7820eq:*:*:*:*:*:*:*", matchCriteriaId: "C5619D4D-9685-4595-8A5F-A18273FE4213", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7820hk:*:*:*:*:*:*:*", matchCriteriaId: "B77E00E7-0EA4-4E32-A693-0E0F66BA4C57", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7820hq:*:*:*:*:*:*:*", matchCriteriaId: "DAA3457E-7E1A-4878-9752-79382E954A66", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:7920hq:*:*:*:*:*:*:*", matchCriteriaId: "68630C63-4457-4E12-B7BD-AD456B237FC5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8086k:*:*:*:*:*:*:*", matchCriteriaId: "B506523F-101E-4F05-82D5-31E37B8B2E8C", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8500y:*:*:*:*:*:*:*", matchCriteriaId: "1ED47811-5435-43D1-A57F-CA89807A6118", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8550u:*:*:*:*:*:*:*", matchCriteriaId: "F6FB5695-2950-4CEC-81B4-FD280F835330", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8559u:*:*:*:*:*:*:*", matchCriteriaId: "6799338F-C0F9-4B25-A14C-68C4158B01F6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8565u:*:*:*:*:*:*:*", matchCriteriaId: "BE77F2FF-75AB-4071-B575-C7ECAF5FAEA8", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8650u:*:*:*:*:*:*:*", matchCriteriaId: "9F340AF8-508F-449D-9AFA-4E55F069B4F3", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8700:*:*:*:*:*:*:*", matchCriteriaId: "E944410E-D674-4141-B50C-9F55090325FF", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8700b:*:*:*:*:*:*:*", matchCriteriaId: "5461E4AD-2944-46A0-A696-FC32CD069D64", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8700k:*:*:*:*:*:*:*", matchCriteriaId: "A6438E07-0AC0-4BF9-B0F2-9072CA9639D6", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8700t:*:*:*:*:*:*:*", matchCriteriaId: "E2A76E12-842B-4925-B5F5-53497C3E420F", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8705g:*:*:*:*:*:*:*", matchCriteriaId: "28F8C010-77B1-4774-AE6D-2A8375F5E8B5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8706g:*:*:*:*:*:*:*", matchCriteriaId: "19CC5153-BE9A-4394-BFA5-1F0DBEA16163", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8709g:*:*:*:*:*:*:*", matchCriteriaId: "361C2658-F122-4AE9-B67D-4467F29E096D", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8750h:*:*:*:*:*:*:*", matchCriteriaId: "66106AD9-F1DA-4A43-9968-7F5BD31D92CD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8809g:*:*:*:*:*:*:*", matchCriteriaId: "C47C2864-4B34-46DD-AABF-9F38B72578AC", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:core_i7:8850h:*:*:*:*:*:*:*", matchCriteriaId: "77AFA400-C880-48AE-B32F-0AC8DF073CCB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*", matchCriteriaId: "13808A7B-9416-4D3A-9437-A6011706B072", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:core_i9:8950hk:*:*:*:*:*:*:*", matchCriteriaId: "8F28F2C6-E1CE-4722-A496-C8AEBC7CF6E4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*", matchCriteriaId: "13808A7B-9416-4D3A-9437-A6011706B072", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_e3_1220_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "7EF7EC93-0170-45A9-86C7-5460320B2AE9", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1220_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "A8A7B1C2-D2CE-485A-9376-27E14F3FA05A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "4B9FF7FB-AB5A-4549-8C15-E69458C649E2", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1225_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "1CEF6608-B650-4C77-9823-0AD57B3484F1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "EBAAC728-6A0F-4675-9677-AAF7DD5D38ED", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1230_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "DB3BFEFD-3D0D-48B0-A5AE-6F3C2D791CE1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1235l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "A79C2131-5566-4CC2-B6ED-38E3F6964500", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "605D7552-8184-4B11-96FD-FE501A6C97DD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "3144BBDE-CC96-4408-AA02-ECC3BF902A34", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1240l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "E7165B43-ED22-4714-8FA4-1E201D1BFA69", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "3E3E6F5F-6B82-43D9-BD6E-D22F9B991DB4", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1245_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "75AD7649-3FEA-4971-9886-6C9312B937A1", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1260l_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "C35AA9AC-28B3-49C2-A9B5-5D26DFEDB723", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "3472AA7B-C0CF-4D65-8A6C-B1D52D27F0CB", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1270_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "C07E80D5-70A5-49C9-9044-D683C7ECCFF5", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1275_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "D75D0EEB-707C-4C86-A569-E91E9F00BA77", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280_v5:-:*:*:*:*:*:*:*", matchCriteriaId: "04DB08C8-0018-4A8E-A206-097BDDF83B08", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1280_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "B7193E85-30BE-42D5-A26B-3F88817F3574", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_e3_1285_v6:-:*:*:*:*:*:*:*", matchCriteriaId: "2A371DF9-E224-404F-99C2-C2A4607E62D8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:intel:converged_security_management_engine_firmware:11.0:*:*:*:*:*:*:*", matchCriteriaId: "13808A7B-9416-4D3A-9437-A6011706B072", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:intel:xeon_w:2123:*:*:*:*:*:*:*", matchCriteriaId: "FFB069D8-C4F7-4AA2-8B58-1A7094D72D40", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2125:*:*:*:*:*:*:*", matchCriteriaId: "064C9D77-F224-403E-B714-89EC9DE79A83", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2133:*:*:*:*:*:*:*", matchCriteriaId: "C259C0B1-2075-4DC8-9C02-4EEFF9BB4A7A", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2135:*:*:*:*:*:*:*", matchCriteriaId: "B52F8ED6-63B7-4B83-9586-4129E1E8E523", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2145:*:*:*:*:*:*:*", matchCriteriaId: "F915355B-1385-4329-9A7E-CE683B30C3AD", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2155:*:*:*:*:*:*:*", matchCriteriaId: "59D83BE6-62D2-434F-AE62-EF934955000E", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2175:*:*:*:*:*:*:*", matchCriteriaId: "04541EAF-0EC5-49C4-8B84-D97C6B376400", vulnerable: false, }, { criteria: "cpe:2.3:h:intel:xeon_w:2195:*:*:*:*:*:*:*", matchCriteriaId: "31B22944-141B-44AF-88CB-631216772968", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "E902EEC6-9A41-4FBC-8D81-891DF846A5CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access.", }, { lang: "es", value: "Un error de lógica en Intel Converged Security Management Engine 11.x podría permitir que un atacante ejecute código arbitrario mediante el acceso local privilegiado.", }, ], id: "CVE-2018-3627", lastModified: "2024-11-21T04:05:47.670", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.5, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-10T21:29:00.810", references: [ { source: "secure@intel.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0006/", }, { source: "secure@intel.com", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", }, ], sourceIdentifier: "secure@intel.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-21 16:01
Modified
2024-11-21 04:47
Severity ?
Summary
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "0D5DDB30-49C4-4789-9AE3-88BB9B68C5F0", versionEndIncluding: "4.20.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", matchCriteriaId: "8D305F7A-D159-4716-AB26-5E38BB5CD991", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", matchCriteriaId: "B5A6F2F3-4894-4392-8296-3B8DD2679084", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", matchCriteriaId: "07C312A0-CD2C-4B9C-B064-6409B25C278F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*", matchCriteriaId: "83077160-BB98-408B-81F0-8EF9E566BF28", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "E902EEC6-9A41-4FBC-8D81-891DF846A5CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", matchCriteriaId: "92BC9265-6959-4D37-BE5E-8C45E98992F8", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "831F0F47-3565-4763-B16F-C87B1FF2035E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "0E3F09B5-569F-4C58-9FCA-3C0953D107B5", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", matchCriteriaId: "6C3741B8-851F-475D-B428-523F4F722350", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*", matchCriteriaId: "C2B15608-BABC-4663-A58F-B74BD2D1A734", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*", matchCriteriaId: "CBF9BCF3-187F-410A-96CA-9C47D3ED6924", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*", matchCriteriaId: "36E85B24-30F2-42AB-9F68-8668C0FCC5E3", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "77C61DDC-81F3-4E2D-9CAA-17A256C85443", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "B6B0DA79-DF12-4418-B075-F048C9E2979A", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:*", matchCriteriaId: "6D5DE3C5-B090-4CE7-9AF2-DEB379D7D5FC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "B92409A9-0D6B-4B7E-8847-1B63837D201F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "C5C5860E-9FEB-4259-92FD-A85911E2F99E", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*:*:*:*:*:*", matchCriteriaId: "CCE99A08-D6F7-4937-8154-65062BC88009", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "6897676D-53F9-45B3-B27F-7FF9A4C58D33", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "E28F226A-CBC7-4A32-BE58-398FA5B42481", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", matchCriteriaId: "76C24D94-834A-4E9D-8F73-624AFA99AAA2", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", matchCriteriaId: "B09ACF2D-D83F-4A86-8185-9569605D8EE1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", matchCriteriaId: "AC10D919-57FD-4725-B8D2-39ECB476902F", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", matchCriteriaId: "1272DF03-7674-4BD4-8E64-94004B195448", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.", }, { lang: "es", value: "La implementación KVM en el kernel de Linux, hasta la versión 4.20.5, tiene una fuga de información.", }, ], id: "CVE-2019-7222", lastModified: "2024-11-21T04:47:47.040", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-21T16:01:11.127", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/151712/KVM-kvm_inject_page_fault-Uninitialized-Memory-Leak.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/02/18/2", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106963", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2029", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2043", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1759", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=353c0956a618a07ba4bbe7ad00ff29fe70e8412a", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commits/master/arch/x86/kvm", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3930-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3930-2/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3931-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3931-2/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3932-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3932-2/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3933-1/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3933-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/151712/KVM-kvm_inject_page_fault-Uninitialized-Memory-Leak.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/02/18/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/106963", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2029", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2043", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:3517", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=1759", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=353c0956a618a07ba4bbe7ad00ff29fe70e8412a", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commits/master/arch/x86/kvm", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDOXCX3QFVWYXH5CQMGDDE7H6MUG5XGG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y2HMABEMJDPA6LPCBE5WIEZXUKY7DLTN/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190404-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3930-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3930-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3931-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3931-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3932-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3932-2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3933-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/3933-2/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2019-04-04 16:29
Modified
2024-11-21 04:01
Severity ?
Summary
The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | 4.14.90 | |
| netapp | element_software_management_node | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:4.14.90:*:*:*:*:*:*:*", matchCriteriaId: "0AFADFA1-25D0-4DF0-8D61-E8C24E524E68", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "E902EEC6-9A41-4FBC-8D81-891DF846A5CB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading \"callback=\" lines in a debugfs file.", }, { lang: "es", value: "La función hidma_chan_stats en drivers/dma/qcom/hidma_dbg.c en el kernel de Linux, en su versión 4.14.90, permite a los usuarios locales obtener información sensible de direcciones, leyendo líneas \"callback=\" en un archivo debugfs.", }, ], id: "CVE-2018-20449", lastModified: "2024-11-21T04:01:30.327", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.1, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:L/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-04-04T16:29:00.383", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://elixir.bootlin.com/linux/v4.14.90/source/drivers/dma/qcom/hidma_dbg.c#L92", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190502-0002/", }, { source: "cve@mitre.org", url: "https://www.mail-archive.com/debian-security-tracker%40lists.debian.org/msg03808.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://elixir.bootlin.com/linux/v4.14.90/source/drivers/dma/qcom/hidma_dbg.c#L92", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190502-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.mail-archive.com/debian-security-tracker%40lists.debian.org/msg03808.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-26 16:29
Modified
2024-11-21 03:32
Severity ?
Summary
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "486E784F-1FC5-42AA-B144-EDBE5FE9B993", versionEndIncluding: "9.2.26", vulnerable: true, }, { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "C513260A-7AD7-44C2-97F0-167B5819475E", versionEndExcluding: "9.3.24", versionStartIncluding: "9.3.0", vulnerable: true, }, { criteria: "cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:*", matchCriteriaId: "5A720480-0A8A-48FE-85FE-6973DAB7A7D5", versionEndExcluding: "9.4.11", versionStartIncluding: "9.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:e-series_santricity_management:-:*:*:*:*:*:*:*", matchCriteriaId: "3CF77086-43C1-44DB-A574-61A9A3DD1220", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "F5F95A41-A496-481C-A906-E0307AC1EA63", versionEndIncluding: "11.50.1", versionStartIncluding: "11.0", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:*:*:*", matchCriteriaId: "680ECEAE-D73F-47D2-8AF8-7704469CF3EA", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "85DF4B3F-4BBC-42B7-B729-096934523D63", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "E902EEC6-9A41-4FBC-8D81-891DF846A5CB", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:hci_storage_nodes:-:*:*:*:*:*:*:*", matchCriteriaId: "855D6A52-F96F-4CA0-A59C-4D42173F22E1", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_system_manager:3.x:*:*:*:*:*:*:*", matchCriteriaId: "8BE20EF7-C8A3-4C2A-BE0C-C26452830C31", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*", matchCriteriaId: "97547862-C382-4F46-B393-481D40E924E8", versionEndExcluding: "5.2.4", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:santricity_cloud_connector:-:*:*:*:*:*:*:*", matchCriteriaId: "AB15BCF1-1B1D-49D8-9B76-46DCB10044DB", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snap_creator_framework:*:*:*:*:*:*:*:*", matchCriteriaId: "9E234481-81F5-42D7-A4EC-F71245268D5C", versionEndExcluding: "4.3.3", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapcenter:*:*:*:*:*:*:*:*", matchCriteriaId: "33862093-55AD-46CE-97F5-0A00A62766FD", versionEndExcluding: "4.1p3", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:oracle:*:*", matchCriteriaId: "41436638-0B88-4823-8208-81C01F2CA6A6", versionEndExcluding: "3.4.2", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapmanager:*:*:*:*:*:sap:*:*", matchCriteriaId: "910F5303-1F70-44E3-A951-567447BC46FF", versionEndExcluding: "3.4.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*", matchCriteriaId: "92C306B7-185C-4CC4-8DEF-4C57B61C49AF", versionEndExcluding: "8.6.2-00", versionStartIncluding: "8.4.0-00", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:hp:xp_p9000:-:*:*:*:*:*:*:*", matchCriteriaId: "1CC9BC28-72E9-4D53-B388-6A8AB7CFD22E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*", matchCriteriaId: "36FC547E-861A-418C-A314-DA09A457B13A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*", matchCriteriaId: "DF9FEE51-50E3-41E9-AA0D-272A640F85CC", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*", matchCriteriaId: "E69E905F-2E1A-4462-9082-FF7B10474496", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*", matchCriteriaId: "0F9B692C-8986-4F91-9EF4-2BB1E3B5C133", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1:*:*:*:*:*:*:*", matchCriteriaId: "A0ED83E3-E6BF-4EAA-AF8F-33485A88A218", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0:*:*:*:*:*:*:*", matchCriteriaId: "11DA6839-849D-4CEF-85F3-38FE75E07183", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_xstore_point_of_service:16.0:*:*:*:*:*:*:*", matchCriteriaId: "BCE78490-A4BE-40BD-8C72-0A4526BBD4A4", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:*", matchCriteriaId: "55AE3629-4A66-49E4-A33D-6D81CC94962F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.", }, { lang: "es", value: "En Eclipse Jetty, en versiones 9.2.x y anteriores, versiones 9.3.x (todas las configuraciones) y versiones 9.4.x (configuración personalizada con el cumplimiento RFC2616 habilitado), los fragmentos transfer-encoding se gestionan de forma incorrecta. El análisis de longitud de fragmento era vulnerable a un desbordamiento de enteros. Así, podría interpretarse un tamaño de fragmento grande como un tamaño menor y el contenido enviado como cuerpo del fragmento podría interpretarse como una petición pipelined. Si Jetty se despliega tras un intermediario que imponía autorización y el intermediario permitía que se pasasen o no se cambiasen grandes fragmentos arbitrarios, este error podría emplearse para omitir la autorización impuesta por el intermediario, ya que la petición pipelined falsa no sería interpretada por el intermediario como una petición.", }, ], id: "CVE-2017-7657", lastModified: "2024-11-21T03:32:23.613", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-26T16:29:00.257", references: [ { source: "emo@eclipse.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041194", }, { source: "emo@eclipse.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0910", }, { source: "emo@eclipse.org", tags: [ "Third Party Advisory", ], url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8%40%3Ccommits.druid.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae%40%3Ccommits.druid.apache.org%3E", }, { source: "emo@eclipse.org", url: "https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574%40%3Ccommits.druid.apache.org%3E", }, { source: "emo@eclipse.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20181014-0001/", }, { source: "emo@eclipse.org", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us", }, { source: "emo@eclipse.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4278", }, { source: "emo@eclipse.org", url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "emo@eclipse.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "emo@eclipse.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1041194", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0910", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.eclipse.org/bugs/show_bug.cgi?id=535668", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272%40%3Cissues.activemq.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r41af10c4adec8d34a969abeb07fd0d6ad0c86768b751464f1cdd23e8%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r9159c9e7ec9eac1613da2dbaddbc15691a13d4dbb2c8be974f42e6ae%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/ra6f956ed4ec2855583b2d0c8b4802b450f593d37b77509b48cd5d574%40%3Ccommits.druid.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20181014-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03953en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2018/dsa-4278", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com//security-alerts/cpujul2021.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/security-alerts/cpuoct2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], sourceIdentifier: "emo@eclipse.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-444", }, ], source: "emo@eclipse.org", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-444", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }