rhsa-2019_2043
Vulnerability from csaf_redhat
Published
2019-08-07 19:56
Modified
2024-11-05 21:16
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)
* Kernel: page cache side channel attacks (CVE-2019-5489)
* kernel: Buffer overflow in hidp_process_report (CVE-2018-9363)
* kernel: l2tp: Race condition between pppol2tp_session_create() and l2tp_eth_create() (CVE-2018-9517)
* kernel: kvm: guest userspace to guest kernel write (CVE-2018-10853)
* kernel: use-after-free Read in vhost_transport_send_pkt (CVE-2018-14625)
* kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c (CVE-2018-14734)
* kernel: Mishandling of indirect calls weakens Spectre mitigation for paravirtual guests (CVE-2018-15594)
* kernel: TLB flush happens too late on mremap (CVE-2018-18281)
* kernel: Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459)
* kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460)
* kernel: denial of service vector through vfio DMA mappings (CVE-2019-3882)
* kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599)
* kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810)
* kernel: fs/ext4/extents.c leads to information disclosure (CVE-2019-11833)
* kernel: Information exposure in fd_locked_ioctl function in drivers/block/floppy.c (CVE-2018-7755)
* kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service (CVE-2018-8087)
* kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c (CVE-2018-9516)
* kernel: Integer overflow in the alarm_timer_nsleep function (CVE-2018-13053)
* kernel: NULL pointer dereference in lookup_slow function (CVE-2018-13093)
* kernel: NULL pointer dereference in xfs_da_shrink_inode function (CVE-2018-13094)
* kernel: NULL pointer dereference in fs/xfs/libxfs/xfs_inode_buf.c (CVE-2018-13095)
* kernel: Information leak in cdrom_ioctl_drive_status (CVE-2018-16658)
* kernel: out-of-bound read in memcpy_fromiovecend() (CVE-2018-16885)
* Kernel: KVM: leak of uninitialized stack contents to guest (CVE-2019-7222)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)\n\n* Kernel: page cache side channel attacks (CVE-2019-5489)\n\n* kernel: Buffer overflow in hidp_process_report (CVE-2018-9363)\n\n* kernel: l2tp: Race condition between pppol2tp_session_create() and l2tp_eth_create() (CVE-2018-9517)\n\n* kernel: kvm: guest userspace to guest kernel write (CVE-2018-10853)\n\n* kernel: use-after-free Read in vhost_transport_send_pkt (CVE-2018-14625)\n\n* kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c (CVE-2018-14734)\n\n* kernel: Mishandling of indirect calls weakens Spectre mitigation for paravirtual guests (CVE-2018-15594)\n\n* kernel: TLB flush happens too late on mremap (CVE-2018-18281)\n\n* kernel: Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459)\n\n* kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460)\n\n* kernel: denial of service vector through vfio DMA mappings (CVE-2019-3882)\n\n* kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599)\n\n* kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810)\n\n* kernel: fs/ext4/extents.c leads to information disclosure (CVE-2019-11833)\n\n* kernel: Information exposure in fd_locked_ioctl function in drivers/block/floppy.c (CVE-2018-7755)\n\n* kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service (CVE-2018-8087)\n\n* kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c (CVE-2018-9516)\n\n* kernel: Integer overflow in the alarm_timer_nsleep function (CVE-2018-13053)\n\n* kernel: NULL pointer dereference in lookup_slow function (CVE-2018-13093)\n\n* kernel: NULL pointer dereference in xfs_da_shrink_inode function (CVE-2018-13094)\n\n* kernel: NULL pointer dereference in fs/xfs/libxfs/xfs_inode_buf.c (CVE-2018-13095)\n\n* kernel: Information leak in cdrom_ioctl_drive_status (CVE-2018-16658)\n\n* kernel: out-of-bound read in memcpy_fromiovecend() (CVE-2018-16885)\n\n* Kernel: KVM: leak of uninitialized stack contents to guest (CVE-2019-7222)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2019:2043", "url": "https://access.redhat.com/errata/RHSA-2019:2043" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/7.7_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/7.7_release_notes/index" }, { "category": "external", "summary": "1553216", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553216" }, { "category": "external", "summary": "1555145", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555145" }, { "category": "external", "summary": "1573916", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573916" }, { "category": "external", "summary": "1589890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1589890" }, { "category": "external", "summary": "1593361", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593361" }, { "category": "external", "summary": "1597747", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597747" }, { "category": "external", "summary": "1597766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597766" }, { "category": "external", "summary": "1597771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597771" }, { "category": "external", "summary": "1597775", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597775" }, { "category": "external", "summary": "1611005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1611005" }, { "category": "external", "summary": "1619846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1619846" }, { "category": "external", "summary": "1620555", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1620555" }, { "category": "external", "summary": "1623067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1623067" }, { "category": "external", "summary": "1627731", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1627731" }, { "category": "external", "summary": "1631036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631036" }, { "category": "external", "summary": "1631045", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631045" }, { "category": "external", "summary": "1642619", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642619" }, { "category": "external", "summary": "1645121", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645121" }, { "category": "external", "summary": "1661503", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661503" }, { "category": "external", "summary": "1663176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663176" }, { "category": "external", "summary": "1663179", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663179" }, { "category": "external", "summary": "1664110", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664110" }, { "category": "external", "summary": "1664380", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664380" }, { "category": "external", "summary": "1665278", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665278" }, { "category": "external", "summary": "1671126", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671126" }, { "category": "external", "summary": "1671930", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671930" }, { "category": "external", "summary": "1684745", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1684745" }, { "category": "external", "summary": "1689426", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689426" }, { "category": "external", "summary": "1698757", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698757" }, { "category": "external", "summary": "1705937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705937" }, { "category": "external", "summary": "1709164", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709164" }, { "category": "external", "summary": "1712072", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712072" }, { "category": "external", "summary": "1717212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1717212" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2043.json" } ], "title": "Red Hat Security Advisory: kernel-rt security and bug fix update", "tracking": { "current_release_date": "2024-11-05T21:16:02+00:00", "generator": { "date": "2024-11-05T21:16:02+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2019:2043", "initial_release_date": "2019-08-07T19:56:13+00:00", "revision_history": [ { "date": "2019-08-07T19:56:13+00:00", "number": "1", "summary": "Initial version" }, { "date": "2019-08-07T19:56:13+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T21:16:02+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product": { "name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_rt:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for Real Time (v. 7)", "product": { "name": "Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_rt:7" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-kvm-debuginfo@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm-debuginfo@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-kvm@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm-debuginfo@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "product": { "name": "kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_id": "kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-1062.rt56.1022.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "product": { "name": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "product_id": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-1062.rt56.1022.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "product": { "name": "kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "product_id": "kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-1062.rt56.1022.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.src as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src" }, "product_reference": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch" }, "product_reference": "kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.src as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src" }, "product_reference": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch" }, "product_reference": "kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.7" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-7755", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2018-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1553216" } ], "notes": [ { "category": "description", "text": "An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl and use the obtained kernel pointer to discover the location of kernel code and data and bypass kernel security protections such as KASLR.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Information exposure in fd_locked_ioctl function in drivers/block/floppy.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-7755" }, { "category": "external", "summary": "RHBZ#1553216", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1553216" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-7755", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7755" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7755", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7755" } ], "release_date": "2018-03-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Information exposure in fd_locked_ioctl function in drivers/block/floppy.c" }, { "cve": "CVE-2018-8087", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2018-03-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1555145" } ], "notes": [ { "category": "description", "text": "The Linux kernel is vulnerable to a memory leak in the drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() function. An attacker could exploit this to cause a potential denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-8087" }, { "category": "external", "summary": "RHBZ#1555145", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1555145" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-8087", "url": "https://www.cve.org/CVERecord?id=CVE-2018-8087" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8087", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8087" } ], "release_date": "2018-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service" }, { "cve": "CVE-2018-9363", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2018-08-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1623067" } ], "notes": [ { "category": "description", "text": "A buffer overflow due to a singed-unsigned comparsion was found in hidp_process_report() in the net/bluetooth/hidp/core.c in the Linux kernel. The buffer length is an unsigned int but gets cast to a signed int which in certain conditions can lead to a system panic and a denial-of-service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Buffer overflow in hidp_process_report", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-9363" }, { "category": "external", "summary": "RHBZ#1623067", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1623067" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-9363", "url": "https://www.cve.org/CVERecord?id=CVE-2018-9363" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9363", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9363" } ], "release_date": "2018-08-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Buffer overflow in hidp_process_report" }, { "cve": "CVE-2018-9516", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2018-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1631036" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel in the hid_debug_events_read() function in the drivers/hid/hid-debug.c file. A lack of the certain checks may allow a privileged user (\"root\") to achieve an out-of-bounds write and thus receiving user space buffer corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-9516" }, { "category": "external", "summary": "RHBZ#1631036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631036" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-9516", "url": "https://www.cve.org/CVERecord?id=CVE-2018-9516" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9516", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9516" } ], "release_date": "2018-09-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c" }, { "cve": "CVE-2018-9517", "cwe": { "id": "CWE-367", "name": "Time-of-check Time-of-use (TOCTOU) Race Condition" }, "discovery_date": "2018-09-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1631045" } ], "notes": [ { "category": "description", "text": "A race condition between pppol2tp_session_create() and l2tp_eth_create() in net/l2tp/l2tp_netlink.c was found in the Linux kernel. Calling l2tp_tunnel_find() may result in a new tunnel being created with tunnel id of a previously removed tunnel which wouldn\u0027t be protected by the reference counter.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: l2tp: Race condition between pppol2tp_session_create() and l2tp_eth_create()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-9517" }, { "category": "external", "summary": "RHBZ#1631045", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631045" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-9517", "url": "https://www.cve.org/CVERecord?id=CVE-2018-9517" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-9517", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9517" } ], "release_date": "2018-09-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: l2tp: Race condition between pppol2tp_session_create() and l2tp_eth_create()" }, { "acknowledgments": [ { "names": [ "Andy Lutomirski", "Mika Penttil\u00e4" ] } ], "cve": "CVE-2018-10853", "cwe": { "id": "CWE-250", "name": "Execution with Unnecessary Privileges" }, "discovery_date": "2018-06-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1589890" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way Linux kernel KVM hypervisor emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: kvm: guest userspace to guest kernel write", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-10853" }, { "category": "external", "summary": "RHBZ#1589890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1589890" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-10853", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10853" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10853", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10853" } ], "release_date": "2018-06-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: kvm: guest userspace to guest kernel write" }, { "cve": "CVE-2018-13053", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2018-07-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1597747" } ], "notes": [ { "category": "description", "text": "A flaw was found in the alarm_timer_nsleep() function in kernel/time/alarmtimer.c in the Linux kernel. The ktime_add_safe() function is not used and an integer overflow can happen causing an alarm not to fire or possibly a denial-of-service if using a large relative timeout.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Integer overflow in the alarm_timer_nsleep function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-13053" }, { "category": "external", "summary": "RHBZ#1597747", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597747" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-13053", "url": "https://www.cve.org/CVERecord?id=CVE-2018-13053" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-13053", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13053" } ], "release_date": "2018-06-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Integer overflow in the alarm_timer_nsleep function" }, { "cve": "CVE-2018-13093", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2018-07-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1597766" } ], "notes": [ { "category": "description", "text": "An issue was discovered in the XFS filesystem in fs/xfs/xfs_icache.c in the Linux kernel. There is a NULL pointer dereference leading to a system panic in lookup_slow() on a NULL inode-\u003ei_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during an allocation.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: NULL pointer dereference in lookup_slow function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-13093" }, { "category": "external", "summary": "RHBZ#1597766", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597766" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-13093", "url": "https://www.cve.org/CVERecord?id=CVE-2018-13093" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-13093", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13093" } ], "release_date": "2018-04-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: NULL pointer dereference in lookup_slow function" }, { "cve": "CVE-2018-13094", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2018-07-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1597771" } ], "notes": [ { "category": "description", "text": "An issue was discovered in the XFS filesystem in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel. A NULL pointer dereference may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp. This can lead to a system crash and a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: NULL pointer dereference in xfs_da_shrink_inode function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-13094" }, { "category": "external", "summary": "RHBZ#1597771", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597771" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-13094", "url": "https://www.cve.org/CVERecord?id=CVE-2018-13094" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-13094", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13094" } ], "release_date": "2018-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: NULL pointer dereference in xfs_da_shrink_inode function" }, { "cve": "CVE-2018-13095", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2018-07-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1597775" } ], "notes": [ { "category": "description", "text": "An issue was discovered in the XFS filesystem in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel. A denial of service due to the NULL pointer dereference can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: NULL pointer dereference in fs/xfs/libxfs/xfs_inode_buf.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-13095" }, { "category": "external", "summary": "RHBZ#1597775", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1597775" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-13095", "url": "https://www.cve.org/CVERecord?id=CVE-2018-13095" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-13095", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-13095" } ], "release_date": "2018-06-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: NULL pointer dereference in fs/xfs/libxfs/xfs_inode_buf.c" }, { "cve": "CVE-2018-14625", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "discovery_date": "2018-08-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1619846" } ], "notes": [ { "category": "description", "text": "A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly impersonate AF_VSOCK messages destined to other clients or leak kernel memory.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free Read in vhost_transport_send_pkt", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14625" }, { "category": "external", "summary": "RHBZ#1619846", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1619846" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14625", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14625" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14625", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14625" } ], "release_date": "2018-07-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: use-after-free Read in vhost_transport_send_pkt" }, { "cve": "CVE-2018-14734", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-07-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1611005" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux Kernel in the ucma_leave_multicast() function in drivers/infiniband/core/ucma.c which allows access to a certain data structure after freeing it in ucma_process_join(). This allows an attacker to cause a use-after-free bug and to induce kernel memory corruption, leading to a system crash or other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-14734" }, { "category": "external", "summary": "RHBZ#1611005", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1611005" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-14734", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14734" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14734", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14734" } ], "release_date": "2018-06-01T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c" }, { "cve": "CVE-2018-15594", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2018-08-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1620555" } ], "notes": [ { "category": "description", "text": "It was found that paravirt_patch_call/jump() functions in the arch/x86/kernel/paravirt.c in the Linux kernel mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtualized guests.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Mishandling of indirect calls weakens Spectre mitigation for paravirtual guests", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-15594" }, { "category": "external", "summary": "RHBZ#1620555", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1620555" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-15594", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15594" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-15594", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-15594" } ], "release_date": "2018-08-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Mishandling of indirect calls weakens Spectre mitigation for paravirtual guests" }, { "cve": "CVE-2018-16658", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2018-09-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1627731" } ], "notes": [ { "category": "description", "text": "An information leak was discovered in the Linux kernel in cdrom_ioctl_drive_status() function in drivers/cdrom/cdrom.c that could be used by local attackers to read kernel memory at certain location.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Information leak in cdrom_ioctl_drive_status", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-16658" }, { "category": "external", "summary": "RHBZ#1627731", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1627731" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-16658", "url": "https://www.cve.org/CVERecord?id=CVE-2018-16658" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-16658", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16658" } ], "release_date": "2018-04-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Information leak in cdrom_ioctl_drive_status" }, { "acknowledgments": [ { "names": [ "Paolo Abeni" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2018-16885", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2018-08-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1661503" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length. This can cause a read beyond the buffer boundaries flaw and, in certain cases, cause a memory access fault and a system halt by accessing invalid memory address.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out-of-bound read in memcpy_fromiovecend()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-16885" }, { "category": "external", "summary": "RHBZ#1661503", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661503" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-16885", "url": "https://www.cve.org/CVERecord?id=CVE-2018-16885" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-16885", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16885" } ], "release_date": "2018-12-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: out-of-bound read in memcpy_fromiovecend()" }, { "cve": "CVE-2018-18281", "cwe": { "id": "CWE-672", "name": "Operation on a Resource after Expiration or Release" }, "discovery_date": "2018-10-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1645121" } ], "notes": [ { "category": "description", "text": "Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: TLB flush happens too late on mremap", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-18281" }, { "category": "external", "summary": "RHBZ#1645121", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645121" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-18281", "url": "https://www.cve.org/CVERecord?id=CVE-2018-18281" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-18281", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18281" } ], "release_date": "2018-10-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: TLB flush happens too late on mremap" }, { "cve": "CVE-2019-3459", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-01-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1663176" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s implementation of Logical Link Control and Adaptation Protocol (L2CAP), part of the Bluetooth stack. An attacker, within the range of standard Bluetooth transmissions, can create and send a specially crafted packet. The response to this specially crafted packet can contain part of the kernel stack which can be used in a further attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Heap address information leak while using L2CAP_GET_CONF_OPT", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3459" }, { "category": "external", "summary": "RHBZ#1663176", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663176" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3459", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3459" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3459", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3459" } ], "release_date": "2019-01-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" }, { "category": "workaround", "details": "- Disabling the bluetooth hardware in the bios.\n- Prevent loading of the bluetooth kernel modules.\n- Disable the bluetooth connection by putting the system in \"airport\" mode.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Heap address information leak while using L2CAP_GET_CONF_OPT" }, { "cve": "CVE-2019-3460", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-01-01T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1663179" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An attacker with physical access within the range of standard Bluetooth transmission can create a specially crafted packet. The response to this specially crafted packet can contain part of the kernel stack which can be used in a further attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3460" }, { "category": "external", "summary": "RHBZ#1663179", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663179" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3460", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3460" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3460", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3460" } ], "release_date": "2019-01-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" }, { "category": "workaround", "details": "- Disabling the bluetooth hardware in the bios.\n- Prevent loading of the bluetooth kernel modules.\n- Disable the bluetooth connection by putting the system in \"airport\" mode.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP" }, { "acknowledgments": [ { "names": [ "Alex Williamson" ], "organization": "Red Hat Inc.", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2019-3882", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-03-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1689426" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s vfio interface implementation that permits violation of the user\u0027s locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: denial of service vector through vfio DMA mappings", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3882" }, { "category": "external", "summary": "RHBZ#1689426", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689426" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3882", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3882" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3882", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3882" } ], "release_date": "2019-04-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: denial of service vector through vfio DMA mappings" }, { "acknowledgments": [ { "names": [ "Jason Wang" ], "organization": "Red Hat Inc.", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2019-3900", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2019-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1698757" } ], "notes": [ { "category": "description", "text": "An infinite loop issue was found in the vhost_net kernel module while handling incoming packets in handle_rx(). The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: vhost_net: infinite loop while receiving packets leads to DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.\n\nThis issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6 and 7. Future kernel updates for Red Hat Enterprise Linux 6 and 7 may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3900" }, { "category": "external", "summary": "RHBZ#1698757", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698757" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3900", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3900" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3900", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3900" } ], "release_date": "2019-04-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Kernel: vhost_net: infinite loop while receiving packets leads to DoS" }, { "cve": "CVE-2019-5489", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1664110" } ], "notes": [ { "category": "description", "text": "A new software page cache side channel attack scenario was discovered in operating systems that implement the very common \u0027page cache\u0027 caching mechanism. A malicious user/process could use \u0027in memory\u0027 page-cache knowledge to infer access timings to shared memory and gain knowledge which can be used to reduce effectiveness of cryptographic strength by monitoring algorithmic behavior, infer access patterns of memory to determine code paths taken, and exfiltrate data to a blinded attacker through page-granularity access times as a side-channel.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: page cache side channel attacks", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-5489" }, { "category": "external", "summary": "RHBZ#1664110", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664110" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-5489", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5489" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-5489", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5489" } ], "release_date": "2019-01-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Kernel: page cache side channel attacks" }, { "acknowledgments": [ { "names": [ "Felix Wilhelm" ], "organization": "Google" } ], "cve": "CVE-2019-7222", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-01-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1671930" } ], "notes": [ { "category": "description", "text": "An information leakage issue was found in the way Linux kernel\u0027s KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory contents. A guest user/process could use this flaw to leak host\u0027s stack memory contents to a guest.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: KVM: leak of uninitialized stack contents to guest", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG 2.\n\nThis issue affects the versions of Linux kernel as shipped with Red Hat Enterprise Linux 7. Future kernel updates for Red Hat Enterprise Linux 7 may address this issue.\n\nNote:- Impact on Red Hat Enterprise Linux 7 kernel is limited, as it requires that nested virtualization feature is enabled on a system. Nested Virtualization feature is available only as - Technology Preview.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-7222" }, { "category": "external", "summary": "RHBZ#1671930", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671930" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-7222", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7222" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-7222", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7222" } ], "release_date": "2019-02-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.8, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Kernel: KVM: leak of uninitialized stack contents to guest" }, { "cve": "CVE-2019-9456", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2019-09-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819156" } ], "notes": [ { "category": "description", "text": "A flaw was found in the USB monitor driver of the Linux kernel. This flaw allows an attacker with physical access to the system to crash the system or potentially escalate their privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: OOB write due to missing bounds check leads to local privilege escalation", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Low impact because of the need of physical access and debugfs mounted.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9456" }, { "category": "external", "summary": "RHBZ#1819156", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819156" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9456", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9456" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9456", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9456" } ], "release_date": "2019-09-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: OOB write due to missing bounds check leads to local privilege escalation" }, { "acknowledgments": [ { "names": [ "Vasily Averin" ], "organization": "Virtuozzo" } ], "cve": "CVE-2019-10140", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2019-02-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1677778" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in Linux kernel\u0027s implementation of overlayfs. An attacker with local access can create a denial of service situation via NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c. This can allow attackers with ability to create directories on overlayfs to crash the kernel creating a denial of service (DOS).", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: overlayfs: NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10140" }, { "category": "external", "summary": "RHBZ#1677778", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677778" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10140", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10140" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10140", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10140" } ], "release_date": "2019-08-15T03:50:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" }, { "category": "workaround", "details": "Some systems may wish to use device-mapper as an alternative to overlayfs. This does not remove the flaw if overlayfs module is still in use.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: overlayfs: NULL pointer dereference in ovl_posix_acl_create function in fs/overlayfs/dir.c" }, { "acknowledgments": [ { "names": [ "Andrea Arcangeli" ], "organization": "Red Hat Engineering", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2019-11599", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "discovery_date": "2019-04-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1705937" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service (DoS), or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11599" }, { "category": "external", "summary": "RHBZ#1705937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705937" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11599", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11599" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11599", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11599" } ], "release_date": "2019-04-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping" }, { "cve": "CVE-2019-11810", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2019-05-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1709164" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel, prior to version 5.0.7, in drivers/scsi/megaraid/megaraid_sas_base.c, where a NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds(). An attacker can crash the system if they were able to load the megaraid_sas kernel module and groom memory beforehand, leading to a denial of service (DoS), related to a use-after-free.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11810" }, { "category": "external", "summary": "RHBZ#1709164", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709164" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11810", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11810" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11810", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11810" } ], "release_date": "2019-05-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS" }, { "cve": "CVE-2019-11833", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-05-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1712072" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s implementation of ext4 extent management. The kernel doesn\u0027t correctly initialize memory regions in the extent tree block which may be exported to a local user to obtain sensitive information by reading empty/uninitialized data from the filesystem.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: fs/ext4/extents.c leads to information disclosure", "title": "Vulnerability summary" }, { "category": "other", "text": "This is a possible information leak of data that existed in the extent tree blocks. While the attacker does not have control of what exists in the blocks prior to this point they may be able to glean confidential information or possibly information that could be used to further another attack.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11833" }, { "category": "external", "summary": "RHBZ#1712072", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712072" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11833", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11833" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11833", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11833" } ], "release_date": "2019-05-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2019-08-07T19:56:13+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2019:2043" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-NFV-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-NFV-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-NFV-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.src", "7Server-RT-7.7:kernel-rt-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7.noarch", "7Server-RT-7.7:kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7.x86_64", "7Server-RT-7.7:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: fs/ext4/extents.c leads to information disclosure" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.