rhsa-2019_3309
Vulnerability from csaf_redhat
Published
2019-11-05 20:44
Modified
2024-11-05 21:32
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)
* Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)
* Kernel: page cache side channel attacks (CVE-2019-5489)
* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)
* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)
* Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)
* kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c (CVE-2018-19854)
* kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)
* kernel: Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459)
* kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460)
* kernel: SCTP socket buffer memory leak leading to denial of service (CVE-2019-3874)
* kernel: denial of service vector through vfio DMA mappings (CVE-2019-3882)
* kernel: null-pointer dereference in hci_uart_set_flow_control (CVE-2019-10207)
* kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599)
* kernel: fs/ext4/extents.c leads to information disclosure (CVE-2019-11833)
* kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884)
* kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233)
* kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916)
* kernel: oob memory read in hso_probe in drivers/net/usb/hso.c (CVE-2018-19985)
* Kernel: KVM: leak of uninitialized stack contents to guest (CVE-2019-7222)
* Kernel: net: weak IP ID generation leads to remote device tracking (CVE-2019-10638)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)\n\n* Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)\n\n* Kernel: page cache side channel attacks (CVE-2019-5489)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\n* Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)\n\n* kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c (CVE-2018-19854)\n\n* kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)\n\n* kernel: Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459)\n\n* kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460)\n\n* kernel: SCTP socket buffer memory leak leading to denial of service (CVE-2019-3874)\n\n* kernel: denial of service vector through vfio DMA mappings (CVE-2019-3882)\n\n* kernel: null-pointer dereference in hci_uart_set_flow_control (CVE-2019-10207)\n\n* kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599)\n\n* kernel: fs/ext4/extents.c leads to information disclosure (CVE-2019-11833)\n\n* kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884)\n\n* kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233)\n\n* kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916)\n\n* kernel: oob memory read in hso_probe in drivers/net/usb/hso.c (CVE-2018-19985)\n\n* Kernel: KVM: leak of uninitialized stack contents to guest (CVE-2019-7222)\n\n* Kernel: net: weak IP ID generation leads to remote device tracking (CVE-2019-10638)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3309",
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/"
},
{
"category": "external",
"summary": "1656986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656986"
},
{
"category": "external",
"summary": "1660375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660375"
},
{
"category": "external",
"summary": "1660385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660385"
},
{
"category": "external",
"summary": "1663176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663176"
},
{
"category": "external",
"summary": "1663179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663179"
},
{
"category": "external",
"summary": "1664110",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664110"
},
{
"category": "external",
"summary": "1666106",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666106"
},
{
"category": "external",
"summary": "1671930",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671930"
},
{
"category": "external",
"summary": "1678887",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678887"
},
{
"category": "external",
"summary": "1686373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686373"
},
{
"category": "external",
"summary": "1689426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689426"
},
{
"category": "external",
"summary": "1698757",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698757"
},
{
"category": "external",
"summary": "1700666",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700666"
},
{
"category": "external",
"summary": "1705937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705937"
},
{
"category": "external",
"summary": "1709837",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709837"
},
{
"category": "external",
"summary": "1712072",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712072"
},
{
"category": "external",
"summary": "1716992",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716992"
},
{
"category": "external",
"summary": "1724657",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724657"
},
{
"category": "external",
"summary": "1727756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727756"
},
{
"category": "external",
"summary": "1727857",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727857"
},
{
"category": "external",
"summary": "1728765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728765"
},
{
"category": "external",
"summary": "1729931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729931"
},
{
"category": "external",
"summary": "1733472",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733472"
},
{
"category": "external",
"summary": "1733874",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733874"
},
{
"category": "external",
"summary": "1743931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743931"
},
{
"category": "external",
"summary": "1745646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1745646"
},
{
"category": "external",
"summary": "1746708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746708"
},
{
"category": "external",
"summary": "1750813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750813"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3309.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2024-11-05T21:32:29+00:00",
"generator": {
"date": "2024-11-05T21:32:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2019:3309",
"initial_release_date": "2019-11-05T20:44:12+00:00",
"revision_history": [
{
"date": "2019-11-05T20:44:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-11-05T20:44:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T21:32:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm-debuginfo@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"product": {
"name": "kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"product_id": "kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm-debuginfo@4.18.0-147.rt24.93.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"product": {
"name": "kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"product_id": "kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-147.rt24.93.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-147.rt24.93.el8.src as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src"
},
"product_reference": "kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "NFV-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-147.rt24.93.el8.src as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src"
},
"product_reference": "kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"relates_to_product_reference": "RT-8.1.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Evgenii Shatokhin",
"Vasily Averin"
],
"organization": "Virtuozzo"
}
],
"cve": "CVE-2018-16884",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2018-12-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1660375"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: nfs: use-after-free in svc_process_common()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-16884"
},
{
"category": "external",
"summary": "RHBZ#1660375",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660375"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-16884",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16884"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-16884",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16884"
}
],
"release_date": "2018-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: nfs: use-after-free in svc_process_common()"
},
{
"cve": "CVE-2018-19854",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1656986"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in the Linux kernel in the crypto_report_one() and related functions in the crypto/crypto_user.c (the crypto user configuration API) which do not fully initialize structures that are copied to userspace, potentially leaking sensitive kernel memory content to a userspace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19854"
},
{
"category": "external",
"summary": "RHBZ#1656986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1656986"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19854",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19854"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19854",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19854"
}
],
"release_date": "2018-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c"
},
{
"cve": "CVE-2018-19985",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2019-01-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666106"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel in the function hso_probe() which reads if_num value from the USB device (as an u8) and uses it without a length check to index an array, resulting in an OOB memory read in hso_probe() or hso_get_config_data(). An attacker with a forged USB device and physical access to a system (needed to connect such a device) can cause a system crash and a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: oob memory read in hso_probe in drivers/net/usb/hso.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19985"
},
{
"category": "external",
"summary": "RHBZ#1666106",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666106"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19985",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19985"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19985",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19985"
}
],
"release_date": "2018-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: oob memory read in hso_probe in drivers/net/usb/hso.c"
},
{
"cve": "CVE-2018-20169",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2018-12-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1660385"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in the Linux kernel\u0027s USB subsystem in the __usb_get_extra_descriptor() function in the drivers/usb/core/usb.c which mishandles a size check during the reading of an extra descriptor data. By using a specially crafted USB device which sends a forged extra descriptor, an unprivileged user with physical access to the system can potentially cause a privilege escalation or trigger a system crash or lock up and thus to cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20169"
},
{
"category": "external",
"summary": "RHBZ#1660385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20169",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20169"
}
],
"release_date": "2018-12-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS"
},
{
"cve": "CVE-2019-3459",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-01-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1663176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of Logical Link Control and Adaptation Protocol (L2CAP), part of the Bluetooth stack. An attacker, within the range of standard Bluetooth transmissions, can create and send a specially crafted packet. The response to this specially crafted packet can contain part of the kernel stack which can be used in a further attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Heap address information leak while using L2CAP_GET_CONF_OPT",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3459"
},
{
"category": "external",
"summary": "RHBZ#1663176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3459",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3459"
}
],
"release_date": "2019-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"category": "workaround",
"details": "- Disabling the bluetooth hardware in the bios.\n- Prevent loading of the bluetooth kernel modules.\n- Disable the bluetooth connection by putting the system in \"airport\" mode.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Heap address information leak while using L2CAP_GET_CONF_OPT"
},
{
"cve": "CVE-2019-3460",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-01-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1663179"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An attacker with physical access within the range of standard Bluetooth transmission can create a specially crafted packet. The response to this specially crafted packet can contain part of the kernel stack which can be used in a further attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3460"
},
{
"category": "external",
"summary": "RHBZ#1663179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663179"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3460",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3460"
}
],
"release_date": "2019-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"category": "workaround",
"details": "- Disabling the bluetooth hardware in the bios.\n- Prevent loading of the bluetooth kernel modules.\n- Disable the bluetooth connection by putting the system in \"airport\" mode.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP"
},
{
"acknowledgments": [
{
"names": [
"Andrea Spagnolo",
"Matteo Croce",
"Natale Vinto"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3874",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-03-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1686373"
}
],
"notes": [
{
"category": "description",
"text": "The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: SCTP socket buffer memory leak leading to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this issue affects the Linux Kernel in Red Hat Enterprise Linux, and not OpenShift Container Platform (OCP) 3 code directly. OCP 3 makes use of CGroups in the Kernel to measure and report on the amount of system resources used by an end user application.\n\nThe default Security Context Constraints (SCC) in OpenShift Container Platform 3.x disallow an end user from running a container as root. Also a check is performed by the OCP 3 Installer to ensure SELinux is enabled, [1].\n\n[1] https://github.com/openshift/openshift-ansible/blob/006fb14e9a28df9bd1a58ac376bbdf3eba50fa51/roles/openshift_node/tasks/main.yml#L3",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3874"
},
{
"category": "external",
"summary": "RHBZ#1686373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3874",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3874"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3874",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3874"
},
{
"category": "external",
"summary": "https://discuss.kubernetes.io/t/kubernetes-security-announcement-linux-kernel-memory-cgroups-escape-via-sctp-cve-2019-3874/5594",
"url": "https://discuss.kubernetes.io/t/kubernetes-security-announcement-linux-kernel-memory-cgroups-escape-via-sctp-cve-2019-3874/5594"
},
{
"category": "external",
"summary": "https://lore.kernel.org/netdev/20190401113110.GA20717@hmswarspite.think-freely.org/T/#u",
"url": "https://lore.kernel.org/netdev/20190401113110.GA20717@hmswarspite.think-freely.org/T/#u"
}
],
"release_date": "2019-03-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"category": "workaround",
"details": "SELinux prevents a bind of the SCTP socket by a non-root user. \n\nTo mitigate this issue if not using SELinux, or if a Security Context Constraint allows running pods as the root user the \u0027sctp\u0027 module should be blacklisted. Please this this Knowledge Base article for more information on how to blacklist a kernel module. https://access.redhat.com/solutions/41278",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: SCTP socket buffer memory leak leading to denial of service"
},
{
"acknowledgments": [
{
"names": [
"Alex Williamson"
],
"organization": "Red Hat Inc.",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3882",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-03-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1689426"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s vfio interface implementation that permits violation of the user\u0027s locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: denial of service vector through vfio DMA mappings",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3882"
},
{
"category": "external",
"summary": "RHBZ#1689426",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689426"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3882",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3882"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3882",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3882"
}
],
"release_date": "2019-04-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: denial of service vector through vfio DMA mappings"
},
{
"acknowledgments": [
{
"names": [
"Jason Wang"
],
"organization": "Red Hat Inc.",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3900",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2019-04-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1698757"
}
],
"notes": [
{
"category": "description",
"text": "An infinite loop issue was found in the vhost_net kernel module while handling incoming packets in handle_rx(). The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: vhost_net: infinite loop while receiving packets leads to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.\n\nThis issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6 and 7. Future kernel updates for Red Hat Enterprise Linux 6 and 7 may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3900"
},
{
"category": "external",
"summary": "RHBZ#1698757",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698757"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3900"
}
],
"release_date": "2019-04-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Kernel: vhost_net: infinite loop while receiving packets leads to DoS"
},
{
"cve": "CVE-2019-5489",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-01-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1664110"
}
],
"notes": [
{
"category": "description",
"text": "A new software page cache side channel attack scenario was discovered in operating systems that implement the very common \u0027page cache\u0027 caching mechanism. A malicious user/process could use \u0027in memory\u0027 page-cache knowledge to infer access timings to shared memory and gain knowledge which can be used to reduce effectiveness of cryptographic strength by monitoring algorithmic behavior, infer access patterns of memory to determine code paths taken, and exfiltrate data to a blinded attacker through page-granularity access times as a side-channel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: page cache side channel attacks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-5489"
},
{
"category": "external",
"summary": "RHBZ#1664110",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664110"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-5489",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-5489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-5489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5489"
}
],
"release_date": "2019-01-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Kernel: page cache side channel attacks"
},
{
"acknowledgments": [
{
"names": [
"Felix Wilhelm"
],
"organization": "Google"
}
],
"cve": "CVE-2019-7222",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671930"
}
],
"notes": [
{
"category": "description",
"text": "An information leakage issue was found in the way Linux kernel\u0027s KVM hypervisor handled page fault exceptions while emulating instructions like VMXON, VMCLEAR, VMPTRLD, and VMWRITE with memory address as an operand. It occurs if the operand is a mmio address, as the returned exception object holds uninitialized stack memory contents. A guest user/process could use this flaw to leak host\u0027s stack memory contents to a guest.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: KVM: leak of uninitialized stack contents to guest",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG 2.\n\nThis issue affects the versions of Linux kernel as shipped with Red Hat Enterprise Linux 7. Future kernel updates for Red Hat Enterprise Linux 7 may address this issue.\n\nNote:- Impact on Red Hat Enterprise Linux 7 kernel is limited, as it requires that nested virtualization feature is enabled on a system. Nested Virtualization feature is available only as - Technology Preview.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-7222"
},
{
"category": "external",
"summary": "RHBZ#1671930",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671930"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-7222",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-7222"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-7222",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7222"
}
],
"release_date": "2019-02-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Kernel: KVM: leak of uninitialized stack contents to guest"
},
{
"cve": "CVE-2019-9506",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2019-06-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1727857"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in the Bluetooth protocol. An attacker within physical proximity to the Bluetooth connection could downgrade the encryption protocol to be trivially brute forced.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9506"
},
{
"category": "external",
"summary": "RHBZ#1727857",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727857"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9506",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9506"
}
],
"release_date": "2019-08-10T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"category": "workaround",
"details": "At this time there is no known mitigation if bluetooth hardware is to be continue to be used. Replacing the hardware with its wired version and disabling bluetooth may be a suitable alternative for some environments.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)"
},
{
"acknowledgments": [
{
"names": [
"huangwen"
],
"organization": "ADLab of Venustech"
}
],
"cve": "CVE-2019-10126",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2019-05-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1716992"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the mwifiex implementation in the Linux kernel. A system connecting to wireless access point could be manipulated by an attacker with advanced permissions on the access point into localized memory corruption or possibly privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10126"
},
{
"category": "external",
"summary": "RHBZ#1716992",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716992"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10126",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10126"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10126",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10126"
}
],
"release_date": "2019-05-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c"
},
{
"cve": "CVE-2019-10207",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2019-07-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1733874"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s Bluetooth implementation of UART. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: null-pointer dereference in hci_uart_set_flow_control",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10207"
},
{
"category": "external",
"summary": "RHBZ#1733874",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733874"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10207",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10207"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10207",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10207"
}
],
"release_date": "2019-07-29T13:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: null-pointer dereference in hci_uart_set_flow_control"
},
{
"cve": "CVE-2019-10638",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-07-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1729931"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe a weak IP ID generation in this field to track Linux devices.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: net: weak IP ID generation leads to remote device tracking",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6.\n\nThis issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 7, 8 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 7, 8 and Red Hat Enterprise MRG 2 may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10638"
},
{
"category": "external",
"summary": "RHBZ#1729931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729931"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10638",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10638"
},
{
"category": "external",
"summary": "https://arxiv.org/pdf/1906.10478.pdf",
"url": "https://arxiv.org/pdf/1906.10478.pdf"
}
],
"release_date": "2019-07-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "Kernel: net: weak IP ID generation leads to remote device tracking"
},
{
"acknowledgments": [
{
"names": [
"Andrea Arcangeli"
],
"organization": "Red Hat Engineering",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-11599",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"discovery_date": "2019-04-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1705937"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service (DoS), or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11599"
},
{
"category": "external",
"summary": "RHBZ#1705937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11599",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11599"
}
],
"release_date": "2019-04-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping"
},
{
"cve": "CVE-2019-11833",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-05-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1712072"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of ext4 extent management. The kernel doesn\u0027t correctly initialize memory regions in the extent tree block which may be exported to a local user to obtain sensitive information by reading empty/uninitialized data from the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: fs/ext4/extents.c leads to information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a possible information leak of data that existed in the extent tree blocks. While the attacker does not have control of what exists in the blocks prior to this point they may be able to glean confidential information or possibly information that could be used to further another attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11833"
},
{
"category": "external",
"summary": "RHBZ#1712072",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712072"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11833",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11833"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11833",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11833"
}
],
"release_date": "2019-05-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: fs/ext4/extents.c leads to information disclosure"
},
{
"cve": "CVE-2019-11884",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-05-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1709837"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of the Bluetooth Human Interface Device Protocol (HIDP). A local attacker with access permissions to the Bluetooth device can issue an IOCTL which will trigger the do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c.c. This function can leak potentially sensitive information from the kernel stack memory via a HIDPCONNADD command because a name field may not be correctly NULL terminated.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11884"
},
{
"category": "external",
"summary": "RHBZ#1709837",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709837"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11884",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11884"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11884",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11884"
}
],
"release_date": "2019-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command"
},
{
"cve": "CVE-2019-13233",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-07-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1727756"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the arch/x86/lib/insn-eval.c function in the Linux kernel. An attacker could corrupt the memory due to a flaw in use-after-free access to an LDT entry caused by a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in arch/x86/lib/insn-eval.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-13233"
},
{
"category": "external",
"summary": "RHBZ#1727756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727756"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-13233",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13233"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13233",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13233"
}
],
"release_date": "2019-07-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in arch/x86/lib/insn-eval.c"
},
{
"acknowledgments": [
{
"names": [
"Matt Delco"
],
"organization": "Google.com"
}
],
"cve": "CVE-2019-14821",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2019-08-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1746708"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds access issue was found in the way Linux kernel\u0027s KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer \u0027struct kvm_coalesced_mmio\u0027 object, wherein write indices \u0027ring-\u003efirst\u0027 and \u0027ring-\u003elast\u0027 value could be supplied by a host user-space process. An unprivileged host user or process with access to \u0027/dev/kvm\u0027 device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: KVM: OOB memory access via mmio ring buffer",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue requires unprivileged users to have access to \u0027/dev/kvm\u0027 device. So restricting access to \u0027/dev/kvm\u0027 device to known trusted users could limit its exploitation by untrusted users/processes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14821"
},
{
"category": "external",
"summary": "RHBZ#1746708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14821",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14821"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14821",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14821"
}
],
"release_date": "2019-09-17T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"category": "workaround",
"details": "Restrict access to the \u0027/dev/kvm\u0027 device to trusted users.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Kernel: KVM: OOB memory access via mmio ring buffer"
},
{
"cve": "CVE-2019-15666",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1747334"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. When xfrm policy removal occurs a system crash could occur. These policy changes generally occur through the ip command or a netlink socket.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds array access in __xfrm_policy_unlink",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A local privileged user (with CAP_NET_ADMIN or root) is required to exploit this condition. With this limitation, this issue is rated as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-15666"
},
{
"category": "external",
"summary": "RHBZ#1747334",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1747334"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-15666",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15666"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15666",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15666"
}
],
"release_date": "2019-08-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds array access in __xfrm_policy_unlink"
},
{
"cve": "CVE-2019-15916",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1750813"
}
],
"notes": [
{
"category": "description",
"text": "A flaw that allowed an attacker to leak kernel memory was found in the network subsystem where an attacker with permissions to create tun/tap devices can create a denial of service and panic the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-15916"
},
{
"category": "external",
"summary": "RHBZ#1750813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750813"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-15916",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15916"
}
],
"release_date": "2019-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service"
},
{
"cve": "CVE-2019-15921",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"discovery_date": "2019-10-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1760958"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the genl_register_family function in the Linux kernel. An attacker able to induce the error conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memory leak in genl_register_family() in net/netlink/genetlink.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Low impact because of the preconditions needed to trigger the error/resource cleanup code path (system-wide out-of-memory condition, high privileges or physical access). The generic netlink is a way for kernel modues to easily communicate with userspace using netlink. genl_register_family is thus called by kernel modules (code) only and it\u0027s hard for an attacker to invoke (module reloads?) it let alone fail on the right place.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-15921"
},
{
"category": "external",
"summary": "RHBZ#1760958",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760958"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-15921",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15921"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15921",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15921"
}
],
"release_date": "2019-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: memory leak in genl_register_family() in net/netlink/genetlink.c"
},
{
"cve": "CVE-2019-15924",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2019-10-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1763869"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the fm10k driver in the Linux kernel reacted to memory-related errors during driver initialization. This flaw allows a local attacker to cause a denial of service and crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: null pointer dereference in drivers/net/ethernet/intel/fm10k/fm10k_main.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Low impact because of the low memory conditions needed to trigger this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-15924"
},
{
"category": "external",
"summary": "RHBZ#1763869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1763869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-15924",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15924"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15924",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15924"
}
],
"release_date": "2019-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module fm10k from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: null pointer dereference in drivers/net/ethernet/intel/fm10k/fm10k_main.c"
},
{
"cve": "CVE-2019-16994",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-09-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1759681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the sit_init_net function in the Linux kernel handled resource cleanup on errors. This flaw allows an attacker to use the error conditions to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Memory leak in sit_init_net() in net/ipv6/sit.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Low impact because of the preconditions needed to trigger the error/resource cleanup code path (system-wide out-of-memory condition, high privileges or physical access).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16994"
},
{
"category": "external",
"summary": "RHBZ#1759681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1759681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16994",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16994"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16994",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16994"
}
],
"release_date": "2019-09-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Memory leak in sit_init_net() in net/ipv6/sit.c"
},
{
"cve": "CVE-2020-10720",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-12-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1781204"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s implementation of GRO. This flaw allows an attacker with local access to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free read in napi_gro_frags() in the Linux kernel",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact because it appears to be limited to only to a crash.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10720"
},
{
"category": "external",
"summary": "RHBZ#1781204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10720",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10720"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4270d6795b0580287453ea55974d948393e66ef",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a4270d6795b0580287453ea55974d948393e66ef"
}
],
"release_date": "2019-12-09T14:23:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-05T20:44:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3309"
},
{
"category": "workaround",
"details": "Disabling GSO on the cards using ethtool will prevent this codepath from being taken.",
"product_ids": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"NFV-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"NFV-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.src",
"RT-8.1.0:kernel-rt-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-core-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debug-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-devel-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-kvm-debuginfo-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-0:4.18.0-147.rt24.93.el8.x86_64",
"RT-8.1.0:kernel-rt-modules-extra-0:4.18.0-147.rt24.93.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free read in napi_gro_frags() in the Linux kernel"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.