csaf_redhat - rhsa-2020

rhsa-2020_0100

Vulnerability from csaf_redhat

Published

2020-01-14 08:06

Modified

2024-09-13 19:55

Summary

Red Hat Security Advisory: kernel-rt security and bug fix update

Notes

Topic

An update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856) * kernel: TLB flush happens too late on mremap (CVE-2018-18281) * kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1779367)

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel-rt is now available for Red Hat Enterprise MRG 2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)\n\n* kernel: TLB flush happens too late on mremap (CVE-2018-18281)\n\n* kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1779367)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2020:0100",
        "url": "https://access.redhat.com/errata/RHSA-2020:0100"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1645121",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645121"
      },
      {
        "category": "external",
        "summary": "1705937",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705937"
      },
      {
        "category": "external",
        "summary": "1738705",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738705"
      },
      {
        "category": "external",
        "summary": "1779367",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1779367"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://access.redhat.com/security/data/csaf/v2/advisories/2020/rhsa-2020_0100.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
    "tracking": {
      "current_release_date": "2024-09-13T19:55:47+00:00",
      "generator": {
        "date": "2024-09-13T19:55:47+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "3.33.3"
        }
      },
      "id": "RHSA-2020:0100",
      "initial_release_date": "2020-01-14T08:06:10+00:00",
      "revision_history": [
        {
          "date": "2020-01-14T08:06:10+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2020-01-14T08:06:10+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-09-13T19:55:47+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
                "product": {
                  "name": "Red Hat MRG Realtime for RHEL 6 Server v.2",
                  "product_id": "6Server-MRG-Realtime-2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_mrg:2:server:el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise MRG for RHEL-6"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla-devel@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                "product": {
                  "name": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_id": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-vanilla-debuginfo@3.10.0-693.62.1.rt56.659.el6rt?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
                "product": {
                  "name": "kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
                  "product_id": "kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-693.62.1.rt56.659.el6rt?arch=src\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
                "product": {
                  "name": "kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
                  "product_id": "kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-693.62.1.rt56.659.el6rt?arch=noarch\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
                "product": {
                  "name": "kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
                  "product_id": "kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-rt-firmware@3.10.0-693.62.1.rt56.659.el6rt?arch=noarch\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src"
        },
        "product_reference": "kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch"
        },
        "product_reference": "kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch"
        },
        "product_reference": "kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64 as a component of Red Hat MRG Realtime for RHEL 6 Server v.2",
          "product_id": "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        },
        "product_reference": "kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
        "relates_to_product_reference": "6Server-MRG-Realtime-2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-18281",
      "cwe": {
        "id": "CWE-672",
        "name": "Operation on a Resource after Expiration or Release"
      },
      "discovery_date": "2018-10-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1645121"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: TLB flush happens too late on mremap",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-18281"
        },
        {
          "category": "external",
          "summary": "RHBZ#1645121",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645121"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-18281",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-18281"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-18281",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18281"
        }
      ],
      "release_date": "2018-10-18T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0100"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: TLB flush happens too late on mremap"
    },
    {
      "cve": "CVE-2018-20856",
      "cwe": {
        "id": "CWE-119",
        "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
      },
      "discovery_date": "2019-07-26T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1738705"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel\u2019s block driver implementation (blk_drain_queue() function) where a use-after-free condition could be triggered while draining the outstanding command queue in the systems block device subsystem. An attacker could use this flaw to crash the system or corrupt local memory, which may lead to privilege escalation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-20856"
        },
        {
          "category": "external",
          "summary": "RHBZ#1738705",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1738705"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-20856",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-20856"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20856",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20856"
        }
      ],
      "release_date": "2019-07-26T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0100"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Andrea Arcangeli"
          ],
          "organization": "Red Hat Engineering",
          "summary": "This issue was discovered by Red Hat."
        }
      ],
      "cve": "CVE-2019-11599",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "discovery_date": "2019-04-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1705937"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel where the coredump implementation does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs. This allows local users to obtain sensitive information, cause a denial of service (DoS), or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
          "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
          "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
          "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-11599"
        },
        {
          "category": "external",
          "summary": "RHBZ#1705937",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705937"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11599",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-11599"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11599",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11599"
        }
      ],
      "release_date": "2019-04-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0100"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.src",
            "6Server-MRG-Realtime-2:kernel-rt-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debug-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-doc-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-firmware-1:3.10.0-693.62.1.rt56.659.el6rt.noarch",
            "6Server-MRG-Realtime-2:kernel-rt-trace-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-trace-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-debuginfo-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64",
            "6Server-MRG-Realtime-2:kernel-rt-vanilla-devel-1:3.10.0-693.62.1.rt56.659.el6rt.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping"
    }
  ]
}

cve-2019-11599

Vulnerability from cvelistv5

Published

2019-04-29 17:07

Modified

2024-08-04 22:55

Severity

Summary

The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c.

References

URL	Tags
http://www.openwall.com/lists/oss-security/2019/04/29/2	mailing-list, x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/04/29/1	mailing-list, x_refsource_MLIST
http://www.openwall.com/lists/oss-security/2019/04/30/1	mailing-list, x_refsource_MLIST
https://www.exploit-db.com/exploits/46781/	exploit, x_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/108113	vdb-entry, x_refsource_BID
https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html	mailing-list, x_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html	mailing-list, x_refsource_MLIST
https://www.debian.org/security/2019/dsa-4465	vendor-advisory, x_refsource_DEBIAN
https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html	mailing-list, x_refsource_MLIST
https://seclists.org/bugtraq/2019/Jun/26	mailing-list, x_refsource_BUGTRAQ
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html	vendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html	vendor-advisory, x_refsource_SUSE
https://seclists.org/bugtraq/2019/Jul/33	mailing-list, x_refsource_BUGTRAQ
https://usn.ubuntu.com/4069-1/	vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4069-2/	vendor-advisory, x_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2019:2043	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:2029	vendor-advisory, x_refsource_REDHAT
https://usn.ubuntu.com/4095-1/	vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4115-1/	vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4118-1/	vendor-advisory, x_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2019:3309	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3517	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0100	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0103	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0179	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0543	vendor-advisory, x_refsource_REDHAT
https://www.oracle.com/security-alerts/cpuApr2021.html	x_refsource_MISC
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114	x_refsource_MISC
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.37	x_refsource_MISC
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10	x_refsource_MISC
https://bugs.chromium.org/p/project-zero/issues/detail?id=1790	x_refsource_MISC
https://github.com/torvalds/linux/commit/04f5866e41fb70690e28397487d8bd8eea7d712a	x_refsource_MISC
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04f5866e41fb70690e28397487d8bd8eea7d712a	x_refsource_MISC
http://packetstormsecurity.com/files/152663/Linux-Missing-Lockdown.html	x_refsource_MISC
https://security.netapp.com/advisory/ntap-20190517-0002/	x_refsource_CONFIRM
https://support.f5.com/csp/article/K51674118	x_refsource_CONFIRM
http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html	x_refsource_MISC
https://support.f5.com/csp/article/K51674118?utm_source=f5support&amp%3Butm_medium=RSS	x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20200608-0001/	x_refsource_CONFIRM

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:55:41.015Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[oss-security] 20190429 Re: Linux kernel: multiple issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/04/29/2"
          },
          {
            "name": "[oss-security] 20190429 Linux kernel: multiple issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/04/29/1"
          },
          {
            "name": "[oss-security] 20190430 Re: Linux kernel: multiple issues",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2019/04/30/1"
          },
          {
            "name": "46781",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/46781/"
          },
          {
            "name": "108113",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108113"
          },
          {
            "name": "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html"
          },
          {
            "name": "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html"
          },
          {
            "name": "DSA-4465",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4465"
          },
          {
            "name": "[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html"
          },
          {
            "name": "20190618 [SECURITY] [DSA 4465-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jun/26"
          },
          {
            "name": "openSUSE-SU-2019:1716",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html"
          },
          {
            "name": "openSUSE-SU-2019:1757",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html"
          },
          {
            "name": "20190722 [slackware-security] Slackware 14.2 kernel (SSA:2019-202-01)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Jul/33"
          },
          {
            "name": "USN-4069-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4069-1/"
          },
          {
            "name": "USN-4069-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4069-2/"
          },
          {
            "name": "RHSA-2019:2043",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2043"
          },
          {
            "name": "RHSA-2019:2029",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2029"
          },
          {
            "name": "USN-4095-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4095-1/"
          },
          {
            "name": "USN-4115-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4115-1/"
          },
          {
            "name": "USN-4118-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4118-1/"
          },
          {
            "name": "RHSA-2019:3309",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3309"
          },
          {
            "name": "RHSA-2019:3517",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3517"
          },
          {
            "name": "RHSA-2020:0100",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0100"
          },
          {
            "name": "RHSA-2020:0103",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0103"
          },
          {
            "name": "RHSA-2020:0179",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0179"
          },
          {
            "name": "RHSA-2020:0543",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0543"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.37"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1790"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/04f5866e41fb70690e28397487d8bd8eea7d712a"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04f5866e41fb70690e28397487d8bd8eea7d712a"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152663/Linux-Missing-Lockdown.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190517-0002/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K51674118"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K51674118?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200608-0001/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-14T17:20:07",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[oss-security] 20190429 Re: Linux kernel: multiple issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/04/29/2"
        },
        {
          "name": "[oss-security] 20190429 Linux kernel: multiple issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/04/29/1"
        },
        {
          "name": "[oss-security] 20190430 Re: Linux kernel: multiple issues",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2019/04/30/1"
        },
        {
          "name": "46781",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/46781/"
        },
        {
          "name": "108113",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108113"
        },
        {
          "name": "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html"
        },
        {
          "name": "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html"
        },
        {
          "name": "DSA-4465",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4465"
        },
        {
          "name": "[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html"
        },
        {
          "name": "20190618 [SECURITY] [DSA 4465-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jun/26"
        },
        {
          "name": "openSUSE-SU-2019:1716",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html"
        },
        {
          "name": "openSUSE-SU-2019:1757",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html"
        },
        {
          "name": "20190722 [slackware-security] Slackware 14.2 kernel (SSA:2019-202-01)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Jul/33"
        },
        {
          "name": "USN-4069-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4069-1/"
        },
        {
          "name": "USN-4069-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4069-2/"
        },
        {
          "name": "RHSA-2019:2043",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2043"
        },
        {
          "name": "RHSA-2019:2029",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2029"
        },
        {
          "name": "USN-4095-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4095-1/"
        },
        {
          "name": "USN-4115-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4115-1/"
        },
        {
          "name": "USN-4118-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4118-1/"
        },
        {
          "name": "RHSA-2019:3309",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3309"
        },
        {
          "name": "RHSA-2019:3517",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3517"
        },
        {
          "name": "RHSA-2020:0100",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0100"
        },
        {
          "name": "RHSA-2020:0103",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0103"
        },
        {
          "name": "RHSA-2020:0179",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0179"
        },
        {
          "name": "RHSA-2020:0543",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0543"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.37"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1790"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/04f5866e41fb70690e28397487d8bd8eea7d712a"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04f5866e41fb70690e28397487d8bd8eea7d712a"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152663/Linux-Missing-Lockdown.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190517-0002/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K51674118"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K51674118?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20200608-0001/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-11599",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20190429 Re: Linux kernel: multiple issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/04/29/2"
            },
            {
              "name": "[oss-security] 20190429 Linux kernel: multiple issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/04/29/1"
            },
            {
              "name": "[oss-security] 20190430 Re: Linux kernel: multiple issues",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2019/04/30/1"
            },
            {
              "name": "46781",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/46781/"
            },
            {
              "name": "108113",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108113"
            },
            {
              "name": "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html"
            },
            {
              "name": "[debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html"
            },
            {
              "name": "DSA-4465",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4465"
            },
            {
              "name": "[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html"
            },
            {
              "name": "20190618 [SECURITY] [DSA 4465-1] linux security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jun/26"
            },
            {
              "name": "openSUSE-SU-2019:1716",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html"
            },
            {
              "name": "openSUSE-SU-2019:1757",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html"
            },
            {
              "name": "20190722 [slackware-security] Slackware 14.2 kernel (SSA:2019-202-01)",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Jul/33"
            },
            {
              "name": "USN-4069-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4069-1/"
            },
            {
              "name": "USN-4069-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4069-2/"
            },
            {
              "name": "RHSA-2019:2043",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2043"
            },
            {
              "name": "RHSA-2019:2029",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2029"
            },
            {
              "name": "USN-4095-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4095-1/"
            },
            {
              "name": "USN-4115-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4115-1/"
            },
            {
              "name": "USN-4118-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4118-1/"
            },
            {
              "name": "RHSA-2019:3309",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3309"
            },
            {
              "name": "RHSA-2019:3517",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3517"
            },
            {
              "name": "RHSA-2020:0100",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0100"
            },
            {
              "name": "RHSA-2020:0103",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0103"
            },
            {
              "name": "RHSA-2020:0179",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0179"
            },
            {
              "name": "RHSA-2020:0543",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0543"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.37",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.37"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10"
            },
            {
              "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1790",
              "refsource": "MISC",
              "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1790"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/04f5866e41fb70690e28397487d8bd8eea7d712a",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/04f5866e41fb70690e28397487d8bd8eea7d712a"
            },
            {
              "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04f5866e41fb70690e28397487d8bd8eea7d712a",
              "refsource": "MISC",
              "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04f5866e41fb70690e28397487d8bd8eea7d712a"
            },
            {
              "name": "http://packetstormsecurity.com/files/152663/Linux-Missing-Lockdown.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/152663/Linux-Missing-Lockdown.html"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190517-0002/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20190517-0002/"
            },
            {
              "name": "https://support.f5.com/csp/article/K51674118",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K51674118"
            },
            {
              "name": "http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
            },
            {
              "name": "https://support.f5.com/csp/article/K51674118?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K51674118?utm_source=f5support\u0026amp;utm_medium=RSS"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20200608-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20200608-0001/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-11599",
    "datePublished": "2019-04-29T17:07:18",
    "dateReserved": "2019-04-29T00:00:00",
    "dateUpdated": "2024-08-04T22:55:41.015Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-18281

Vulnerability from cvelistv5

Published

2018-10-30 18:00

Modified

2024-08-05 11:08

Severity

Summary

Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.

References

URL	Tags
http://packetstormsecurity.com/files/150001/Linux-mremap-TLB-Flush-Too-Late.html	x_refsource_MISC
https://usn.ubuntu.com/3835-1/	vendor-advisory, x_refsource_UBUNTU
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.16	x_refsource_CONFIRM
https://usn.ubuntu.com/3880-1/	vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3871-5/	vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3871-4/	vendor-advisory, x_refsource_UBUNTU
http://www.openwall.com/lists/oss-security/2018/10/29/5	mailing-list, x_refsource_MLIST
https://usn.ubuntu.com/3880-2/	vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3832-1/	vendor-advisory, x_refsource_UBUNTU
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eb66ae030829605d61fbef1909ce310e29f78821	x_refsource_CONFIRM
http://www.securityfocus.com/bid/105761	vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3871-1/	vendor-advisory, x_refsource_UBUNTU
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.78	x_refsource_CONFIRM
http://www.securityfocus.com/bid/106503	vdb-entry, x_refsource_BID
https://usn.ubuntu.com/3871-3/	vendor-advisory, x_refsource_UBUNTU
https://bugs.chromium.org/p/project-zero/issues/detail?id=1695	x_refsource_MISC
https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html	mailing-list, x_refsource_MLIST
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.135	x_refsource_CONFIRM
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html	mailing-list, x_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html	mailing-list, x_refsource_MLIST
https://access.redhat.com/errata/RHSA-2019:0831	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:2043	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:2029	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0036	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0100	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0103	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0179	vendor-advisory, x_refsource_REDHAT

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:08:21.376Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/150001/Linux-mremap-TLB-Flush-Too-Late.html"
          },
          {
            "name": "USN-3835-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3835-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.16"
          },
          {
            "name": "USN-3880-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3880-1/"
          },
          {
            "name": "USN-3871-5",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3871-5/"
          },
          {
            "name": "USN-3871-4",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3871-4/"
          },
          {
            "name": "[oss-security] 20181029 Linux kernel: TLB flush happens too late on mremap (CVE-2018-18281; fixed in 4.9.135, 4.14.78, 4.18.16, 4.19)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2018/10/29/5"
          },
          {
            "name": "USN-3880-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3880-2/"
          },
          {
            "name": "USN-3832-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3832-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eb66ae030829605d61fbef1909ce310e29f78821"
          },
          {
            "name": "105761",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105761"
          },
          {
            "name": "USN-3871-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3871-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.78"
          },
          {
            "name": "106503",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106503"
          },
          {
            "name": "USN-3871-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3871-3/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1695"
          },
          {
            "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.135"
          },
          {
            "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
          },
          {
            "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
          },
          {
            "name": "RHSA-2019:0831",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:0831"
          },
          {
            "name": "RHSA-2019:2043",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2043"
          },
          {
            "name": "RHSA-2019:2029",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:2029"
          },
          {
            "name": "RHSA-2020:0036",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0036"
          },
          {
            "name": "RHSA-2020:0100",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0100"
          },
          {
            "name": "RHSA-2020:0103",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0103"
          },
          {
            "name": "RHSA-2020:0179",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0179"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-10-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-21T19:06:22",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/150001/Linux-mremap-TLB-Flush-Too-Late.html"
        },
        {
          "name": "USN-3835-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3835-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.16"
        },
        {
          "name": "USN-3880-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3880-1/"
        },
        {
          "name": "USN-3871-5",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3871-5/"
        },
        {
          "name": "USN-3871-4",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3871-4/"
        },
        {
          "name": "[oss-security] 20181029 Linux kernel: TLB flush happens too late on mremap (CVE-2018-18281; fixed in 4.9.135, 4.14.78, 4.18.16, 4.19)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2018/10/29/5"
        },
        {
          "name": "USN-3880-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3880-2/"
        },
        {
          "name": "USN-3832-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3832-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eb66ae030829605d61fbef1909ce310e29f78821"
        },
        {
          "name": "105761",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105761"
        },
        {
          "name": "USN-3871-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3871-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.78"
        },
        {
          "name": "106503",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106503"
        },
        {
          "name": "USN-3871-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3871-3/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1695"
        },
        {
          "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.135"
        },
        {
          "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
        },
        {
          "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
        },
        {
          "name": "RHSA-2019:0831",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:0831"
        },
        {
          "name": "RHSA-2019:2043",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2043"
        },
        {
          "name": "RHSA-2019:2029",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:2029"
        },
        {
          "name": "RHSA-2020:0036",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0036"
        },
        {
          "name": "RHSA-2020:0100",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0100"
        },
        {
          "name": "RHSA-2020:0103",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0103"
        },
        {
          "name": "RHSA-2020:0179",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0179"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-18281",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://packetstormsecurity.com/files/150001/Linux-mremap-TLB-Flush-Too-Late.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/150001/Linux-mremap-TLB-Flush-Too-Late.html"
            },
            {
              "name": "USN-3835-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3835-1/"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.16",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.16"
            },
            {
              "name": "USN-3880-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3880-1/"
            },
            {
              "name": "USN-3871-5",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3871-5/"
            },
            {
              "name": "USN-3871-4",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3871-4/"
            },
            {
              "name": "[oss-security] 20181029 Linux kernel: TLB flush happens too late on mremap (CVE-2018-18281; fixed in 4.9.135, 4.14.78, 4.18.16, 4.19)",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2018/10/29/5"
            },
            {
              "name": "USN-3880-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3880-2/"
            },
            {
              "name": "USN-3832-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3832-1/"
            },
            {
              "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eb66ae030829605d61fbef1909ce310e29f78821",
              "refsource": "CONFIRM",
              "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eb66ae030829605d61fbef1909ce310e29f78821"
            },
            {
              "name": "105761",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105761"
            },
            {
              "name": "USN-3871-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3871-1/"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.78",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.78"
            },
            {
              "name": "106503",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106503"
            },
            {
              "name": "USN-3871-3",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3871-3/"
            },
            {
              "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1695",
              "refsource": "MISC",
              "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1695"
            },
            {
              "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html"
            },
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.135",
              "refsource": "CONFIRM",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.135"
            },
            {
              "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"
            },
            {
              "name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
            },
            {
              "name": "RHSA-2019:0831",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:0831"
            },
            {
              "name": "RHSA-2019:2043",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2043"
            },
            {
              "name": "RHSA-2019:2029",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:2029"
            },
            {
              "name": "RHSA-2020:0036",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0036"
            },
            {
              "name": "RHSA-2020:0100",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0100"
            },
            {
              "name": "RHSA-2020:0103",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0103"
            },
            {
              "name": "RHSA-2020:0179",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0179"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-18281",
    "datePublished": "2018-10-30T18:00:00",
    "dateReserved": "2018-10-12T00:00:00",
    "dateUpdated": "2024-08-05T11:08:21.376Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-20856

Vulnerability from cvelistv5

Published

2019-07-26 04:40

Modified

2024-08-05 12:12

Severity

Summary

An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.

References

URL	Tags
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.7	x_refsource_MISC
https://github.com/torvalds/linux/commit/54648cf1ec2d7f4b6a71767799c45676a138ca24	x_refsource_MISC
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54648cf1ec2d7f4b6a71767799c45676a138ca24	x_refsource_MISC
https://usn.ubuntu.com/4094-1/	vendor-advisory, x_refsource_UBUNTU
https://seclists.org/bugtraq/2019/Aug/18	mailing-list, x_refsource_BUGTRAQ
https://www.debian.org/security/2019/dsa-4497	vendor-advisory, x_refsource_DEBIAN
https://seclists.org/bugtraq/2019/Aug/26	mailing-list, x_refsource_BUGTRAQ
https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html	mailing-list, x_refsource_MLIST
http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html	x_refsource_MISC
https://usn.ubuntu.com/4116-1/	vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4118-1/	vendor-advisory, x_refsource_UBUNTU
https://security.netapp.com/advisory/ntap-20190905-0002/	x_refsource_CONFIRM
http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html	x_refsource_MISC
https://support.f5.com/csp/article/K14673240?utm_source=f5support&amp%3Butm_medium=RSS	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2019:3076	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3055	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3089	vendor-advisory, x_refsource_REDHAT
http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html	x_refsource_MISC
https://access.redhat.com/errata/RHSA-2019:3217	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0100	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0103	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0543	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0664	vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0698	vendor-advisory, x_refsource_REDHAT

Impacted products

Vendor	Product
n/a	n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T12:12:29.597Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.7"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/54648cf1ec2d7f4b6a71767799c45676a138ca24"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54648cf1ec2d7f4b6a71767799c45676a138ca24"
          },
          {
            "name": "USN-4094-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4094-1/"
          },
          {
            "name": "20190813 [SECURITY] [DSA 4497-1] linux security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Aug/18"
          },
          {
            "name": "DSA-4497",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4497"
          },
          {
            "name": "20190814 [slackware-security] Slackware 14.2 kernel (SSA:2019-226-01)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Aug/26"
          },
          {
            "name": "[debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
          },
          {
            "name": "USN-4116-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4116-1/"
          },
          {
            "name": "USN-4118-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4118-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190905-0002/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K14673240?utm_source=f5support\u0026amp%3Butm_medium=RSS"
          },
          {
            "name": "RHSA-2019:3076",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3076"
          },
          {
            "name": "RHSA-2019:3055",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3055"
          },
          {
            "name": "RHSA-2019:3089",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3089"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
          },
          {
            "name": "RHSA-2019:3217",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:3217"
          },
          {
            "name": "RHSA-2020:0100",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0100"
          },
          {
            "name": "RHSA-2020:0103",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0103"
          },
          {
            "name": "RHSA-2020:0543",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0543"
          },
          {
            "name": "RHSA-2020:0664",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0664"
          },
          {
            "name": "RHSA-2020:0698",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0698"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-03T20:05:59",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.7"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/54648cf1ec2d7f4b6a71767799c45676a138ca24"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54648cf1ec2d7f4b6a71767799c45676a138ca24"
        },
        {
          "name": "USN-4094-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4094-1/"
        },
        {
          "name": "20190813 [SECURITY] [DSA 4497-1] linux security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Aug/18"
        },
        {
          "name": "DSA-4497",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4497"
        },
        {
          "name": "20190814 [slackware-security] Slackware 14.2 kernel (SSA:2019-226-01)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Aug/26"
        },
        {
          "name": "[debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
        },
        {
          "name": "USN-4116-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4116-1/"
        },
        {
          "name": "USN-4118-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4118-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190905-0002/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K14673240?utm_source=f5support\u0026amp%3Butm_medium=RSS"
        },
        {
          "name": "RHSA-2019:3076",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3076"
        },
        {
          "name": "RHSA-2019:3055",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3055"
        },
        {
          "name": "RHSA-2019:3089",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3089"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
        },
        {
          "name": "RHSA-2019:3217",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:3217"
        },
        {
          "name": "RHSA-2020:0100",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0100"
        },
        {
          "name": "RHSA-2020:0103",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0103"
        },
        {
          "name": "RHSA-2020:0543",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0543"
        },
        {
          "name": "RHSA-2020:0664",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0664"
        },
        {
          "name": "RHSA-2020:0698",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0698"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-20856",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.7",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.7"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/54648cf1ec2d7f4b6a71767799c45676a138ca24",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/54648cf1ec2d7f4b6a71767799c45676a138ca24"
            },
            {
              "name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54648cf1ec2d7f4b6a71767799c45676a138ca24",
              "refsource": "MISC",
              "url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54648cf1ec2d7f4b6a71767799c45676a138ca24"
            },
            {
              "name": "USN-4094-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4094-1/"
            },
            {
              "name": "20190813 [SECURITY] [DSA 4497-1] linux security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Aug/18"
            },
            {
              "name": "DSA-4497",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4497"
            },
            {
              "name": "20190814 [slackware-security] Slackware 14.2 kernel (SSA:2019-226-01)",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Aug/26"
            },
            {
              "name": "[debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html"
            },
            {
              "name": "USN-4116-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4116-1/"
            },
            {
              "name": "USN-4118-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4118-1/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190905-0002/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20190905-0002/"
            },
            {
              "name": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html"
            },
            {
              "name": "https://support.f5.com/csp/article/K14673240?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K14673240?utm_source=f5support\u0026amp;utm_medium=RSS"
            },
            {
              "name": "RHSA-2019:3076",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3076"
            },
            {
              "name": "RHSA-2019:3055",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3055"
            },
            {
              "name": "RHSA-2019:3089",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3089"
            },
            {
              "name": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html"
            },
            {
              "name": "RHSA-2019:3217",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:3217"
            },
            {
              "name": "RHSA-2020:0100",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0100"
            },
            {
              "name": "RHSA-2020:0103",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0103"
            },
            {
              "name": "RHSA-2020:0543",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0543"
            },
            {
              "name": "RHSA-2020:0664",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0664"
            },
            {
              "name": "RHSA-2020:0698",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0698"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-20856",
    "datePublished": "2019-07-26T04:40:41",
    "dateReserved": "2019-07-26T00:00:00",
    "dateUpdated": "2024-08-05T12:12:29.597Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Action not permitted

rhsa-2020_0100

Vulnerability from csaf_redhat

cve-2019-11599

Vulnerability from cvelistv5

cve-2018-18281

Vulnerability from cvelistv5

cve-2018-20856

Vulnerability from cvelistv5

Tags