Action not permitted
Modal body text goes here.
cve-2019-15538
Vulnerability from cvelistv5
Published
2019-08-25 15:25
Modified
2024-08-05 00:49
Severity ?
EPSS score ?
Summary
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T00:49:13.729Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://lore.kernel.org/linux-xfs/20190823035528.GH1037422%40magnolia/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://lore.kernel.org/linux-xfs/20190823192433.GA8736%40eldamar.local" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee" }, { "name": "FEDORA-2019-4c91a2f76e", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/" }, { "name": "FEDORA-2019-97380355ae", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/" }, { "name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html" }, { "name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html" }, { "name": "openSUSE-SU-2019:2173", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html" }, { "name": "openSUSE-SU-2019:2181", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html" }, { "name": "USN-4144-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4144-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20191004-0001/" }, { "name": "USN-4147-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4147-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.f5.com/csp/article/K32592426?utm_source=f5support\u0026amp%3Butm_medium=RSS" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-14T18:06:23", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://lore.kernel.org/linux-xfs/20190823035528.GH1037422%40magnolia/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://lore.kernel.org/linux-xfs/20190823192433.GA8736%40eldamar.local" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee" }, { "tags": [ "x_refsource_MISC" ], "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee" }, { "name": "FEDORA-2019-4c91a2f76e", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/" }, { "name": "FEDORA-2019-97380355ae", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/" }, { "name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html" }, { "name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html" }, { "name": "openSUSE-SU-2019:2173", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html" }, { "name": "openSUSE-SU-2019:2181", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html" }, { "name": "USN-4144-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4144-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20191004-0001/" }, { "name": "USN-4147-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4147-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.f5.com/csp/article/K32592426?utm_source=f5support\u0026amp%3Butm_medium=RSS" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-15538", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://lore.kernel.org/linux-xfs/20190823035528.GH1037422@magnolia/", "refsource": "MISC", "url": "https://lore.kernel.org/linux-xfs/20190823035528.GH1037422@magnolia/" }, { "name": "https://lore.kernel.org/linux-xfs/20190823192433.GA8736@eldamar.local", "refsource": "MISC", "url": "https://lore.kernel.org/linux-xfs/20190823192433.GA8736@eldamar.local" }, { "name": "https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee" }, { "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee", "refsource": "MISC", "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee" }, { "name": "FEDORA-2019-4c91a2f76e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/" }, { "name": "FEDORA-2019-97380355ae", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/" }, { "name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html" }, { "name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html" }, { "name": "openSUSE-SU-2019:2173", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html" }, { "name": "openSUSE-SU-2019:2181", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html" }, { "name": "USN-4144-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4144-1/" }, { "name": "https://security.netapp.com/advisory/ntap-20191004-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20191004-0001/" }, { "name": "USN-4147-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4147-1/" }, { "name": "https://support.f5.com/csp/article/K32592426?utm_source=f5support\u0026amp;utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K32592426?utm_source=f5support\u0026amp;utm_medium=RSS" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-15538", "datePublished": "2019-08-25T15:25:26", "dateReserved": "2019-08-25T00:00:00", "dateUpdated": "2024-08-05T00:49:13.729Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2019-15538\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-08-25T16:15:11.033\",\"lastModified\":\"2023-11-07T03:05:29.903\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un problema en xfs_setattr_nonsize en fs / xfs / xfs_iops.c en el kernel de Linux a trav\u00e9s de 5.2.9. XFS se bloquea parcialmente cuando falla un chgrp debido a que no se encuentra en la cuota de disco. xfs_setattr_nonsize no puede desbloquear el ILOCK despu\u00e9s de que la llamada xfs_qm_vop_chown_reserve falla. Este es principalmente un vector de ataque DoS local, pero tambi\u00e9n podr\u00eda resultar en DoS remoto si el sistema de archivos XFS se exporta, por ejemplo, a trav\u00e9s de NFS.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":7.8},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.7\",\"versionEndExcluding\":\"4.9.191\",\"matchCriteriaId\":\"00418608-9472-43CD-B79B-0092EE6013C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.14\",\"versionEndExcluding\":\"4.14.141\",\"matchCriteriaId\":\"64B33B35-9C01-4462-AC1F-C30ED99CAEDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.19\",\"versionEndExcluding\":\"4.19.69\",\"matchCriteriaId\":\"36723BB3-95E0-4390-95D5-9B7292AAB1BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.2\",\"versionEndExcluding\":\"5.2.11\",\"matchCriteriaId\":\"69709BBB-06CE-4983-B7B9-872CE9B123DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D036D76E-AC69-4382-B4C1-8EDA1ABB2941\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.3:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E57A227-1EC1-4E47-AE4E-CCD42CAA4710\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.3:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"89F70981-A72F-4796-9572-1DD96ED27A31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.3:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"D88C4C1B-9E6A-447B-B49B-C94AE24CB1C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.3:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBAE804E-3CC3-44C2-B1F5-2DC3EE4FF793\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.3:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"8721379D-C6BC-43BF-8098-396F32182BEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.3:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"65AF2469-2B9F-4D4D-8886-2B8BA66D5FDC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD783B0C-9246-47D9-A937-6144FE8BFF0F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EF46487-B64A-454E-AECC-D74B83170ACD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C19813-E823-456A-B1CE-EC0684CE1953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"952F55C9-7E7C-4539-9D08-E736B3488569\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FED1B0D-F901-413A-85D9-05D4C427570D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"108A2215-50FB-4074-94CF-C130FA14566D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F0B6C0-F930-480D-962B-3F4EFDCC13C7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"803BC414-B250-4E3A-A478-A3881340D6B8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FEB3337-BFDE-462A-908B-176F92053CEC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"736AEAE9-782B-4F71-9893-DED53367E102\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD7CFE0E-9D1E-4495-B302-89C3096FC0DF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1E78106-58E6-4D59-990F-75DA575BFAD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D100F7CE-FC64-4CC6-852A-6136D72DA419\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lore.kernel.org/linux-xfs/20190823035528.GH1037422%40magnolia/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lore.kernel.org/linux-xfs/20190823192433.GA8736%40eldamar.local\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20191004-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K32592426?utm_source=f5support\u0026amp%3Butm_medium=RSS\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/4144-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4147-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
wid-sec-w-2024-1202
Vulnerability from csaf_certbund
Published
2019-08-25 22:00
Modified
2024-06-09 22:00
Summary
Linux Kernel: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein entfernter, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Zustand herbeizuführen, um Informationen offenzulegen und um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren, um Informationen offenzulegen und um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.", "title": "Angriff" }, { "category": "general", "text": "- Linux", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2024-1202 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2024-1202.json" }, { "category": "self", "summary": "WID-SEC-2024-1202 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1202" }, { "category": "external", "summary": "National Vulnerbility Database CVE-2019-15504 vom 2019-08-25", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15504" }, { "category": "external", "summary": "National Vulnerbility Database CVE-2019-15505 vom 2019-08-25", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15505" }, { "category": "external", "summary": "National Vulnerbility Database CVE-2019-15538 vom 2019-08-25", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15538" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2019:2414-1 vom 2019-09-20", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192414-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2019:2412-1 vom 2019-09-20", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192412-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2019:2424-1 vom 2019-09-21", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192424-1.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4144-1 vom 2019-10-01", "url": "https://usn.ubuntu.com/4144-1/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4147-1 vom 2019-10-04", "url": "https://usn.ubuntu.com/4147-1/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2019:2648-1 vom 2019-10-12", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192648-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2019:2651-1 vom 2019-10-14", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192651-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2019:2658-1 vom 2019-10-15", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192658-1.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4157-1 vom 2019-10-17", "url": "https://usn.ubuntu.com/4157-1/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4163-1 vom 2019-10-22", "url": "https://usn.ubuntu.com/4163-1/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4162-1 vom 2019-10-22", "url": "https://usn.ubuntu.com/4162-1/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4157-2 vom 2019-10-22", "url": "https://usn.ubuntu.com/4157-2/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2019:2738-1 vom 2019-10-22", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192738-1.html" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4162-2 vom 2019-10-23", "url": "https://usn.ubuntu.com/4162-2/" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4163-2 vom 2019-10-23", "url": "https://usn.ubuntu.com/4163-2/" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2019:2756-1 vom 2019-10-24", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192756-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2019:2949-1 vom 2019-11-13", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2019:2950-1 vom 2019-11-13", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2019:14218-1 vom 2019-11-13", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914218-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2019:2984-1 vom 2019-11-16", "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192984-1.html" }, { "category": "external", "summary": "Debian Security Advisory DLA 2068 vom 2020-03-02", "url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202001/msg00013.html" }, { "category": "external", "summary": "Debian Security Advisory DLA 2131 vom 2020-03-05", "url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202003/msg00001.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:2104 vom 2020-05-12", "url": "https://access.redhat.com/errata/RHSA-2020:2104" }, { "category": "external", "summary": "ORACLE OVMSA-2020-0044 vom 2020-10-09", "url": "https://oss.oracle.com/pipermail/oraclevm-errata/2020-October/001000.html" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:2950 vom 2024-05-22", "url": "https://access.redhat.com/errata/RHSA-2024:2950" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2024:3138 vom 2024-05-22", "url": "https://access.redhat.com/errata/RHSA-2024:3138" }, { "category": "external", "summary": "IBM Security Bulletin 7156774 vom 2024-06-07", "url": "https://www.ibm.com/support/pages/node/7156774" } ], "source_lang": "en-US", "title": "Linux Kernel: Mehrere Schwachstellen", "tracking": { "current_release_date": "2024-06-09T22:00:00.000+00:00", "generator": { "date": "2024-06-10T08:11:03.686+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2024-1202", "initial_release_date": "2019-08-25T22:00:00.000+00:00", "revision_history": [ { "date": "2019-08-25T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2019-08-29T22:00:00.000+00:00", "number": "2", "summary": "Referenz(en) aufgenommen: FEDORA-2019-4C91A2F76E" }, { "date": "2019-09-01T22:00:00.000+00:00", "number": "3", "summary": "Referenz(en) aufgenommen: FEDORA-2019-97380355AE" }, { "date": "2019-09-22T22:00:00.000+00:00", "number": "4", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2019-09-30T22:00:00.000+00:00", "number": "5", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2019-10-06T22:00:00.000+00:00", "number": "6", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2019-10-13T22:00:00.000+00:00", "number": "7", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2019-10-14T22:00:00.000+00:00", "number": "8", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2019-10-16T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2019-10-21T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2019-10-22T22:00:00.000+00:00", "number": "11", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2019-10-22T22:00:00.000+00:00", "number": "12", "summary": "Version nicht vorhanden" }, { "date": "2019-10-23T22:00:00.000+00:00", "number": "13", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2019-11-12T23:00:00.000+00:00", "number": "14", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2019-11-13T23:00:00.000+00:00", "number": "15", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2019-11-17T23:00:00.000+00:00", "number": "16", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2020-03-02T23:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2020-03-05T23:00:00.000+00:00", "number": "18", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2020-05-12T22:00:00.000+00:00", "number": "19", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-10-11T22:00:00.000+00:00", "number": "20", "summary": "Neue Updates von ORACLE aufgenommen" }, { "date": "2024-05-21T22:00:00.000+00:00", "number": "21", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2024-06-09T22:00:00.000+00:00", "number": "22", "summary": "Neue Updates von IBM aufgenommen" } ], "status": "final", "version": "22" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "category": "product_name", "name": "IBM QRadar SIEM", "product": { "name": "IBM QRadar SIEM", "product_id": "T021415", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:-" } } } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c=5.2.9", "product": { "name": "Open Source Linux Kernel \u003c=5.2.9", "product_id": "T014868", "product_identification_helper": { "cpe": "cpe:/o:linux:linux_kernel:5.2.9" } } } ], "category": "product_name", "name": "Linux Kernel" } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle VM", "product": { "name": "Oracle VM", "product_id": "T011119", "product_identification_helper": { "cpe": "cpe:/a:oracle:vm:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-15504", "notes": [ { "category": "description", "text": "Es gibt eine Schwachstelle im Linux-Kernel in [driverss/net/wireless/rsi/rsi_91x_usb.c] aufgrund einer Double Free Situation. Ein Angreifer kann dies ausnutzen, indem er speziell gestalteten USB-Verkehr erzeugt (der \u00fcber usbip oder usbredir remote laufen kann), um eine unspezifizierte Auswirkung auf das betroffene System zu haben." } ], "product_status": { "known_affected": [ "T011119", "2951", "T002207", "67646", "T000126", "T021415" ], "last_affected": [ "T014868" ] }, "release_date": "2019-08-25T22:00:00Z", "title": "CVE-2019-15504" }, { "cve": "CVE-2019-15505", "notes": [ { "category": "description", "text": "Es gibt eine Schwachstelle im Linux-Kernel in [drivers/media/usb/dvb-usb/technisat-usb2.c] aufgrund eines \"out-of-bounds read\" Fehlers. Ein Angreifer kann dies ausnutzen, indem er speziell gestalteten USB-Verkehr erzeugt (der \u00fcber usbip oder usbredir remote laufen kann), um einen Speicherbereich offenzulegen." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T021415" ], "last_affected": [ "T014868" ] }, "release_date": "2019-08-25T22:00:00Z", "title": "CVE-2019-15505" }, { "cve": "CVE-2019-15538", "notes": [ { "category": "description", "text": "Es gibt eine Schwachstelle im Linux-Kernel in \"xfs_setattr_nonsize\" in[fs/xfs/xfs/xfs_iops.c]. Die Verwendung von \"chgrp\" auf einem XFS-Dateisystem erzeugt eine Denial of Service Bedingung des Dateisystemtreibers, wenn das jeweilige Konto keine freie Disk Quota mehr hat. Wenn das betroffene Dateisystem \u00fcber ein Netzwerk freigegeben wird (z. B. durch einen NFS-Export), kann ein Angreifer dies auch entfernt ausnutzen." } ], "product_status": { "known_affected": [ "2951", "T002207", "67646", "T000126", "T021415" ], "last_affected": [ "T014868" ] }, "release_date": "2019-08-25T22:00:00Z", "title": "CVE-2019-15538" } ] }
rhsa-2020_2104
Vulnerability from csaf_redhat
Published
2020-05-12 15:16
Modified
2024-11-15 09:34
Summary
Red Hat Security Advisory: kernel-alt security and bug fix update
Notes
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
* kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (CVE-2017-18595)
* kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768)
* Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711)
* kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c (CVE-2017-18551)
* kernel: out of bounds write in i2c driver leads to local escalation of privilege (CVE-2019-9454)
* kernel: denial of service in in xfs_setattr_nonsize in fs/xfs/xfs_iops.c (CVE-2019-15538)
* kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c (CVE-2019-19447)
* kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free (CVE-2019-19524)
* kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c (CVE-2020-9383)
* kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service (CVE-2019-12614)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* [7.5-alt][ext4/xfstests generic/468] fix fdatasync(2) after fallocate(2) operation (upstream fixed) [rhel-alt-7.6.z] (BZ#1554273)
* [RHEL-ALT-7.6.z][arm64] CN99xx: DIMM errors not populated in EDAC sysfs (BZ#1778697)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-alt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es):\n\n* kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (CVE-2017-18595)\n\n* kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768)\n\n* Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711)\n\n* kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c (CVE-2017-18551)\n\n* kernel: out of bounds write in i2c driver leads to local escalation of privilege (CVE-2019-9454)\n\n* kernel: denial of service in in xfs_setattr_nonsize in fs/xfs/xfs_iops.c (CVE-2019-15538)\n\n* kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c (CVE-2019-19447)\n\n* kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free (CVE-2019-19524)\n\n* kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c (CVE-2020-9383)\n\n* kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service (CVE-2019-12614)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [7.5-alt][ext4/xfstests generic/468] fix fdatasync(2) after fallocate(2) operation (upstream fixed) [rhel-alt-7.6.z] (BZ#1554273)\n\n* [RHEL-ALT-7.6.z][arm64] CN99xx: DIMM errors not populated in EDAC sysfs (BZ#1778697)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:2104", "url": "https://access.redhat.com/errata/RHSA-2020:2104" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1718176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718176" }, { "category": "external", "summary": "1746777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746777" }, { "category": "external", "summary": "1757368", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757368" }, { "category": "external", "summary": "1758671", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758671" }, { "category": "external", "summary": "1781679", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781679" }, { "category": "external", "summary": "1783459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783459" }, { "category": "external", "summary": "1786164", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1786164" }, { "category": "external", "summary": "1810685", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810685" }, { "category": "external", "summary": "1818818", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818818" }, { "category": "external", "summary": "1825116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825116" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2104.json" } ], "title": "Red Hat Security Advisory: kernel-alt security and bug fix update", "tracking": { "current_release_date": "2024-11-15T09:34:26+00:00", "generator": { "date": "2024-11-15T09:34:26+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:2104", "initial_release_date": "2020-05-12T15:16:03+00:00", "revision_history": [ { "date": "2020-05-12T15:16:03+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-05-12T15:16:03+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T09:34:26+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product": { "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product": { "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:7::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-bootwrapper@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "perf-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "perf-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "perf-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-perf@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-perf-debuginfo@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@4.14.0-115.21.2.el7a?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "product": { "name": "kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "product_id": "kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.14.0-115.21.2.el7a?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "product": { "name": "kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "product_id": "kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.14.0-115.21.2.el7a?arch=noarch" } } }, { "category": "product_version", "name": "kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "product": { "name": "kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "product_id": "kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-doc@4.14.0-115.21.2.el7a?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "kernel-alt-0:4.14.0-115.21.2.el7a.src", "product": { "name": "kernel-alt-0:4.14.0-115.21.2.el7a.src", "product_id": "kernel-alt-0:4.14.0-115.21.2.el7a.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-alt@4.14.0-115.21.2.el7a?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch" }, "product_reference": "kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-alt-0:4.14.0-115.21.2.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src" }, "product_reference": "kernel-alt-0:4.14.0-115.21.2.el7a.src", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-doc-0:4.14.0-115.21.2.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch" }, "product_reference": "kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "perf-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "python-perf-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)", "product_id": "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch" }, "product_reference": "kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-alt-0:4.14.0-115.21.2.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src" }, "product_reference": "kernel-alt-0:4.14.0-115.21.2.el7a.src", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-doc-0:4.14.0-115.21.2.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch" }, "product_reference": "kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "perf-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "python-perf-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" }, { "category": "default_component_of", "full_product_name": { "name": "python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)", "product_id": "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" }, "product_reference": "python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "relates_to_product_reference": "7Server-optional-RHELALT-7.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-18551", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2019-08-19T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1757368" } ], "notes": [ { "category": "description", "text": "An out of bounds (OOB) memory access flaw was found in i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c in I2C subsystem. A read request for length (data-\u003eblock[0]) greater than \u0027I2C_SMBUS_BLOCK_MAX + 1\u0027 may cause underlying I2C driver write out of array\u0027s boundary. This could allow a local attacker with special user privilege (or root) to crash the system or leak kernel internal information.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18551" }, { "category": "external", "summary": "RHBZ#1757368", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757368" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18551", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18551" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18551", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18551" } ], "release_date": "2019-08-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-05-12T15:16:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2104" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: out of bounds write in function i2c_smbus_xfer_emulated in drivers/i2c/i2c-core-smbus.c" }, { "cve": "CVE-2017-18595", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-10-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758671" } ], "notes": [ { "category": "description", "text": "A flaw was found in the allocate_trace_buffer in kernel/trace/trace.c in the debug subsystem, when failure to allocate a dynamic percpu area, a resource cleanup is called. The pointer (buf-\u003ebuffer) still holds the address and is not set to NULL, which can cause a use-after-free problem, leading to a dangling pointer issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-18595" }, { "category": "external", "summary": "RHBZ#1758671", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758671" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-18595", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18595" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-18595", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18595" } ], "release_date": "2019-09-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-05-12T15:16:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2104" }, { "category": "workaround", "details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update as soon as possible.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c" }, { "cve": "CVE-2019-9454", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2019-09-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1818818" } ], "notes": [ { "category": "description", "text": "An out-of-bounds write flaw was found in the i2c driver in the Linux kernel. This flaw allows an attacker to escalate privileges with system execution privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out of bounds write in i2c driver leads to local escalation of privilege", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9454" }, { "category": "external", "summary": "RHBZ#1818818", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1818818" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9454", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9454" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9454", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9454" } ], "release_date": "2019-09-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-05-12T15:16:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2104" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: out of bounds write in i2c driver leads to local escalation of privilege" }, { "cve": "CVE-2019-12614", "discovery_date": "2019-06-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1718176" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way Linux kernel\u0027s Dynamic Logical Partitioning (DLPAR) functionality on PowerPC systems handled low memory conditions on device discovery. An attacker who can change the LPAR configuration and incur low memory conditions at the same time could use this flaw to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service", "title": "Vulnerability summary" }, { "category": "other", "text": "An attacker needs to be highly privileged to exploit this issue. He either needs to trigger LPAR configuration change (or wait for such event to happen) and incur low memory conditions at the same time. It could be argued that possessing privileges required to exploit this issue could have the same impact as the issue itself.\n\nThe indications say that this issue was found by static code analysing tool which looks for memory allocations without failure checks and not actually reproduced on a running system. The CVE assignment also looks automated and following the \"better be safe than sorry\" approach.\n\nAs such, this issue is theoretical in nature and Low impact at best.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12614" }, { "category": "external", "summary": "RHBZ#1718176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1718176" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12614", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12614" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12614", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12614" } ], "release_date": "2019-06-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-05-12T15:16:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2104" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: null pointer dereference in dlpar_parse_cc_property in arch/powerrc/platforms/pseries/dlpar.c causing denial of service" }, { "cve": "CVE-2019-15538", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-08-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1746777" } ], "notes": [ { "category": "description", "text": "A flaw was found in the XFS file system in the Linux kernel. An acquired ILOCK was not freed/unlock when the call to xfs_qm_vop_chown_reserve fails and the lock is still held and can lead to denial to access for that device. This is primarily a local denial of service but could result in a remote denial of service if the XFS file system is exported as an NFS file system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: denial of service in in xfs_setattr_nonsize in fs/xfs/xfs_iops.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-15538" }, { "category": "external", "summary": "RHBZ#1746777", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746777" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-15538", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15538" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15538", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15538" } ], "release_date": "2019-08-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-05-12T15:16:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2104" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: denial of service in in xfs_setattr_nonsize in fs/xfs/xfs_iops.c" }, { "cve": "CVE-2019-19447", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781679" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s ext4_unlink function. An attacker could corrupt memory or escalate privileges when deleting a file from a recently unmounted specially crafted ext4 filesystem, including local, USB, and iSCSI.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19447" }, { "category": "external", "summary": "RHBZ#1781679", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781679" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19447", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19447" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19447", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19447" }, { "category": "external", "summary": "https://bugzilla.kernel.org/show_bug.cgi?id=205433", "url": "https://bugzilla.kernel.org/show_bug.cgi?id=205433" }, { "category": "external", "summary": "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447", "url": "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447" } ], "release_date": "2019-12-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-05-12T15:16:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2104" }, { "category": "workaround", "details": "Ext4 filesytems are built into the kernel so it is not possible to prevent the kernel module from loading. However, this flaw can be prevented by disallowing mounting of untrusted filesystems.\n\nAs mounting is a privileged operation, (except for device hotplug) removing the ability for mounting and unmounting will prevent this flaw from being exploited.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c" }, { "cve": "CVE-2019-19524", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1783459" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Linux kernel\u2019s input device driver functionality when unplugging a device. A user with physical access could use this flaw to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19524" }, { "category": "external", "summary": "RHBZ#1783459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783459" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19524", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19524" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19524", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19524" } ], "release_date": "2019-11-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-05-12T15:16:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2104" }, { "category": "workaround", "details": "To mitigate this issue for the Red Hat Enterprise Linux 7 or higher version, prevent module ff-memless from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free" }, { "cve": "CVE-2019-19768", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-12-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1786164" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability was found in the Linux kernel\u2019s implementation of blktrace in the __blk_add_trace function. A local attacker with permissions to run block trace instructions against a device can create a situation where the core block_trace object is used after it is freed. The attacker can pre-groom memory to race this use-after-free to create a condition where the memory is corrupted and cause privilege escalation.\r\n\r\nThe ability to create this condition requires elevated privileges, and it has been decided that this change in Red Hat Enterprise Linux 5 and 6 would risk introducing possible regressions and will not be backported.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19768" }, { "category": "external", "summary": "RHBZ#1786164", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1786164" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19768", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19768" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19768", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19768" } ], "release_date": "2019-11-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-05-12T15:16:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2104" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c" }, { "cve": "CVE-2020-9383", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2020-02-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1810685" } ], "notes": [ { "category": "description", "text": "An out-of-bounds (OOB) memory access flaw was found in the floppy driver module in the Linux kernel. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-9383" }, { "category": "external", "summary": "RHBZ#1810685", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1810685" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9383", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9383" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9383", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9383" } ], "release_date": "2020-02-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-05-12T15:16:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2104" }, { "category": "workaround", "details": "Mitigation for this issue is to skip loading the affected floppy driver module onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: out-of-bounds read in set_fdc in drivers/block/floppy.c" }, { "acknowledgments": [ { "names": [ "Matthew Sheets" ], "organization": "gd-ms.com" } ], "cve": "CVE-2020-10711", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2020-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1825116" } ], "notes": [ { "category": "description", "text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s SELinux subsystem. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol\u0027s category bitmap into the SELinux extensible bitmap via the\u0027 ebitmap_netlbl_import\u0027 routine. While processing the CIPSO restricted bitmap tag in the \u0027cipso_v4_parsetag_rbm\u0027 routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the versions of the kernel packages as shipped with the Red Hat Enterprise Linux 6 starting with the Red Hat Enterprise Linux 6.7 GA version kernel-2.6.32-573 . Prior Red Hat Enterprise Linux 6 kernel versions are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10711" }, { "category": "external", "summary": "RHBZ#1825116", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1825116" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10711", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10711" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10711", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10711" } ], "release_date": "2020-05-12T12:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-05-12T15:16:03+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:2104" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\n\nThis issue can only be resolved by applying updates.", "product_ids": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "7Server-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.21.2.el7a.src", "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.21.2.el7a.noarch", "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.21.2.el7a.ppc64le", "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.21.2.el7a.ppc64le" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic" } ] }
ghsa-5v37-529g-93gg
Vulnerability from github
Published
2022-05-24 16:54
Modified
2022-05-24 16:54
Details
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.
{ "affected": [], "aliases": [ "CVE-2019-15538" ], "database_specific": { "cwe_ids": [ "CWE-400" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2019-08-25T16:15:00Z", "severity": "HIGH" }, "details": "An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.", "id": "GHSA-5v37-529g-93gg", "modified": "2022-05-24T16:54:43Z", "published": "2022-05-24T16:54:43Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15538" }, { "type": "WEB", "url": "https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee" }, { "type": "WEB", "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP" }, { "type": "WEB", "url": "https://lore.kernel.org/linux-xfs/20190823035528.GH1037422@magnolia" }, { "type": "WEB", "url": "https://lore.kernel.org/linux-xfs/20190823192433.GA8736@eldamar.local" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20191004-0001" }, { "type": "WEB", "url": "https://support.f5.com/csp/article/K32592426?utm_source=f5support\u0026amp;utm_medium=RSS" }, { "type": "WEB", "url": "https://usn.ubuntu.com/4144-1" }, { "type": "WEB", "url": "https://usn.ubuntu.com/4147-1" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html" } ], "schema_version": "1.4.0", "severity": [] }
gsd-2019-15538
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2019-15538", "description": "An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.", "id": "GSD-2019-15538", "references": [ "https://www.suse.com/security/cve/CVE-2019-15538.html", "https://access.redhat.com/errata/RHSA-2020:2104", "https://ubuntu.com/security/CVE-2019-15538", "https://alas.aws.amazon.com/cve/html/CVE-2019-15538.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2019-15538" ], "details": "An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.", "id": "GSD-2019-15538", "modified": "2023-12-13T01:23:38.734577Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-15538", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://lore.kernel.org/linux-xfs/20190823035528.GH1037422@magnolia/", "refsource": "MISC", "url": "https://lore.kernel.org/linux-xfs/20190823035528.GH1037422@magnolia/" }, { "name": "https://lore.kernel.org/linux-xfs/20190823192433.GA8736@eldamar.local", "refsource": "MISC", "url": "https://lore.kernel.org/linux-xfs/20190823192433.GA8736@eldamar.local" }, { "name": "https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee" }, { "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee", "refsource": "MISC", "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee" }, { "name": "FEDORA-2019-4c91a2f76e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/" }, { "name": "FEDORA-2019-97380355ae", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/" }, { "name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html" }, { "name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html" }, { "name": "openSUSE-SU-2019:2173", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html" }, { "name": "openSUSE-SU-2019:2181", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html" }, { "name": "USN-4144-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4144-1/" }, { "name": "https://security.netapp.com/advisory/ntap-20191004-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20191004-0001/" }, { "name": "USN-4147-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4147-1/" }, { "name": "https://support.f5.com/csp/article/K32592426?utm_source=f5support\u0026amp;utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K32592426?utm_source=f5support\u0026amp;utm_medium=RSS" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.9.191", "versionStartIncluding": "4.7", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.14.141", "versionStartIncluding": "4.14", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "4.19.69", "versionStartIncluding": "4.19", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "5.2.11", "versionStartIncluding": "5.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.3:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.3:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.3:rc2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.3:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.3:rc4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.3:rc5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:linux:linux_kernel:5.3:rc6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-15538" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-400" } ] } ] }, "references": { "reference_data": [ { "name": "https://lore.kernel.org/linux-xfs/20190823035528.GH1037422@magnolia/", "refsource": "MISC", "tags": [ "Mailing List", "Patch", "Vendor Advisory" ], "url": "https://lore.kernel.org/linux-xfs/20190823035528.GH1037422@magnolia/" }, { "name": "https://lore.kernel.org/linux-xfs/20190823192433.GA8736@eldamar.local", "refsource": "MISC", "tags": [ "Mailing List", "Patch", "Vendor Advisory" ], "url": "https://lore.kernel.org/linux-xfs/20190823192433.GA8736@eldamar.local" }, { "name": "https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee" }, { "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee", "refsource": "MISC", "tags": [ "Mailing List", "Patch", "Vendor Advisory" ], "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee" }, { "name": "FEDORA-2019-4c91a2f76e", "refsource": "FEDORA", "tags": [ "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/" }, { "name": "FEDORA-2019-97380355ae", "refsource": "FEDORA", "tags": [ "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/" }, { "name": "[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html" }, { "name": "[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html" }, { "name": "openSUSE-SU-2019:2173", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html" }, { "name": "openSUSE-SU-2019:2181", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html" }, { "name": "USN-4144-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4144-1/" }, { "name": "https://security.netapp.com/advisory/ntap-20191004-0001/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20191004-0001/" }, { "name": "USN-4147-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4147-1/" }, { "name": "https://support.f5.com/csp/article/K32592426?utm_source=f5support\u0026amp;utm_medium=RSS", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://support.f5.com/csp/article/K32592426?utm_source=f5support\u0026amp;utm_medium=RSS" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2021-06-02T15:22Z", "publishedDate": "2019-08-25T16:15Z" } } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.