rhsa-2020_0174
Vulnerability from csaf_redhat
Published
2020-01-21 15:53
Modified
2024-11-22 14:20
Summary
Red Hat Security Advisory: kernel-alt security and bug fix update

Notes

Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-alt packages provide the Linux kernel version 4.x. Security Fix(es): * Kernel: speculative bounds check bypass store (CVE-2018-3693) * kernel: Use-after-free due to race condition in AF_PACKET implementation (CVE-2018-18559) * kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846) * kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr (CVE-2019-8912) * kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126) * kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487) * kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816) * kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133) * kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS (CVE-2019-14814) * kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS (CVE-2019-14815) * kernel: (powerpc) incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Kernel panic on job cleanup, related to SyS_getdents64 (BZ#1702057) * Kernel modules generated incorrectly when system is localized to non-English language (BZ#1705285) * RHEL-Alt-7.6 - Fixup tlbie vs store ordering issue on POWER9 (BZ#1756270)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.



{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for kernel-alt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es):\n\n* Kernel: speculative bounds check bypass store (CVE-2018-3693)\n\n* kernel: Use-after-free due to race condition in AF_PACKET implementation (CVE-2018-18559)\n\n* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)\n\n* kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr (CVE-2019-8912)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\n* kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487)\n\n* kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)\n\n* kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133)\n\n* kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS (CVE-2019-14814)\n\n* kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS (CVE-2019-14815)\n\n* kernel: (powerpc) incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Kernel panic on job cleanup, related to SyS_getdents64 (BZ#1702057)\n\n* Kernel modules generated incorrectly when system is localized to non-English language (BZ#1705285)\n\n* RHEL-Alt-7.6 - Fixup tlbie vs store ordering issue on POWER9 (BZ#1756270)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2020:0174",
        "url": "https://access.redhat.com/errata/RHSA-2020:0174"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/solutions/3523601",
        "url": "https://access.redhat.com/solutions/3523601"
      },
      {
        "category": "external",
        "summary": "1581650",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581650"
      },
      {
        "category": "external",
        "summary": "1641878",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1641878"
      },
      {
        "category": "external",
        "summary": "1678685",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678685"
      },
      {
        "category": "external",
        "summary": "1703063",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703063"
      },
      {
        "category": "external",
        "summary": "1713059",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713059"
      },
      {
        "category": "external",
        "summary": "1716992",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716992"
      },
      {
        "category": "external",
        "summary": "1744130",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744130"
      },
      {
        "category": "external",
        "summary": "1744137",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744137"
      },
      {
        "category": "external",
        "summary": "1744149",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744149"
      },
      {
        "category": "external",
        "summary": "1771909",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771909"
      },
      {
        "category": "external",
        "summary": "1777825",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777825"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0174.json"
      }
    ],
    "title": "Red Hat Security Advisory: kernel-alt security and bug fix update",
    "tracking": {
      "current_release_date": "2024-11-22T14:20:11+00:00",
      "generator": {
        "date": "2024-11-22T14:20:11+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2020:0174",
      "initial_release_date": "2020-01-21T15:53:02+00:00",
      "revision_history": [
        {
          "date": "2020-01-21T15:53:02+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2020-01-21T15:53:02+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T14:20:11+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
                  "product_id": "7Server-RHELALT-7.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
                  "product_id": "7Server-optional-RHELALT-7.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-bootwrapper@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debug@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-devel@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-headers@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-tools@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-tools-libs@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "perf-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "perf-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "perf-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/perf@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python-perf@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debuginfo@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/perf-debuginfo@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python-perf-debuginfo@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-debug-devel@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
                "product": {
                  "name": "kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_id": "kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.14.0-115.17.1.el7a?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
                "product": {
                  "name": "kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
                  "product_id": "kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.14.0-115.17.1.el7a?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
                "product": {
                  "name": "kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
                  "product_id": "kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-doc@4.14.0-115.17.1.el7a?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-alt-0:4.14.0-115.17.1.el7a.src",
                "product": {
                  "name": "kernel-alt-0:4.14.0-115.17.1.el7a.src",
                  "product_id": "kernel-alt-0:4.14.0-115.17.1.el7a.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kernel-alt@4.14.0-115.17.1.el7a?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch"
        },
        "product_reference": "kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-alt-0:4.14.0-115.17.1.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src"
        },
        "product_reference": "kernel-alt-0:4.14.0-115.17.1.el7a.src",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-doc-0:4.14.0-115.17.1.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch"
        },
        "product_reference": "kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perf-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "perf-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-perf-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
          "product_id": "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch"
        },
        "product_reference": "kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-alt-0:4.14.0-115.17.1.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src"
        },
        "product_reference": "kernel-alt-0:4.14.0-115.17.1.el7a.src",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-doc-0:4.14.0-115.17.1.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch"
        },
        "product_reference": "kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perf-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "perf-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-perf-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
          "product_id": "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        },
        "product_reference": "python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
        "relates_to_product_reference": "7Server-optional-RHELALT-7.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Carl Waldspurger"
          ],
          "organization": "Carl Waldspurger Consulting"
        },
        {
          "names": [
            "Vladimir Kiriansky"
          ],
          "organization": "MIT"
        }
      ],
      "cve": "CVE-2018-3693",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2018-03-12T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1581650"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an address which depends on the untrusted value. Such writes cause an update into the microprocessor\u0027s data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to influence speculative execution and/or read privileged memory by conducting targeted cache side-channel attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "Kernel: speculative bounds check bypass store",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 5, 6, 7 and Red Hat Enterprise MRG 2 may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-3693"
        },
        {
          "category": "external",
          "summary": "RHBZ#1581650",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1581650"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-3693",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-3693"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-3693",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-3693"
        },
        {
          "category": "external",
          "summary": "https://01.org/security/advisories/intel-oss-10002",
          "url": "https://01.org/security/advisories/intel-oss-10002"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/solutions/3523601",
          "url": "https://access.redhat.com/solutions/3523601"
        },
        {
          "category": "external",
          "summary": "https://people.csail.mit.edu/vlk/spectre11.pdf",
          "url": "https://people.csail.mit.edu/vlk/spectre11.pdf"
        },
        {
          "category": "external",
          "summary": "https://software.intel.com/sites/default/files/managed/4e/a1/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf",
          "url": "https://software.intel.com/sites/default/files/managed/4e/a1/337879-analyzing-potential-bounds-Check-bypass-vulnerabilities.pdf"
        }
      ],
      "release_date": "2018-07-10T17:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-01-21T15:53:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0174"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "Kernel: speculative bounds check bypass store"
    },
    {
      "cve": "CVE-2018-18559",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2018-10-23T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1641878"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free flaw can occur in the Linux kernel due to a race condition between packet_do_bind() and packet_notifier() functions called for an AF_PACKET socket. An unprivileged, local user could use this flaw to induce kernel memory corruption on the system, leading to an unresponsive system or to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Use-after-free due to race condition in AF_PACKET implementation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2018-18559"
        },
        {
          "category": "external",
          "summary": "RHBZ#1641878",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1641878"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2018-18559",
          "url": "https://www.cve.org/CVERecord?id=CVE-2018-18559"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-18559",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18559"
        },
        {
          "category": "external",
          "summary": "https://blogs.securiteam.com/index.php/archives/3731",
          "url": "https://blogs.securiteam.com/index.php/archives/3731"
        }
      ],
      "release_date": "2018-06-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-01-21T15:53:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0174"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: Use-after-free due to race condition in AF_PACKET implementation"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "huangwen"
          ],
          "organization": "ADLab of Venustech"
        }
      ],
      "cve": "CVE-2019-3846",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "discovery_date": "2019-05-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1713059"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel\u0027s Marvell wifi chip driver. A heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c allows remote attackers to cause a denial of service(system crash) or execute arbitrary code.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is currently rated as Important as it is possible for an attacker to setup a wifi access point with identical configuration in another location and intercept have the system auto connect and possibly be exploited.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-3846"
        },
        {
          "category": "external",
          "summary": "RHBZ#1713059",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713059"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3846",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-3846"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3846",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3846"
        },
        {
          "category": "external",
          "summary": "https://seclists.org/oss-sec/2019/q2/133",
          "url": "https://seclists.org/oss-sec/2019/q2/133"
        }
      ],
      "release_date": "2019-05-30T12:53:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-01-21T15:53:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0174"
        },
        {
          "category": "workaround",
          "details": "This flaw requires a system with marvell wifi network card to be attempting to connect to a attacker controlled wifi network.  A temporary mitigation may be to only connect to known-good networks via wifi, or connect to a network via ethernet.  Alternatively if wireless networking is not used the mwifiex kernel module can be blacklisted to prevent misuse of the vulnerable code.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c"
    },
    {
      "cve": "CVE-2019-8912",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2019-02-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1678685"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "In the Linux kernel af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free (UAF) in sockfs_setattr. A local attacker can use this flaw to escalate privileges and take control of the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-8912"
        },
        {
          "category": "external",
          "summary": "RHBZ#1678685",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678685"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-8912",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-8912"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8912",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8912"
        }
      ],
      "release_date": "2019-02-15T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-01-21T15:53:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0174"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "huangwen"
          ],
          "organization": "ADLab of Venustech"
        }
      ],
      "cve": "CVE-2019-10126",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "discovery_date": "2019-05-30T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1716992"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the mwifiex implementation in the Linux kernel. A system connecting to wireless access point could be manipulated by an attacker with advanced permissions on the access point into localized memory corruption or possibly privilege escalation.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-10126"
        },
        {
          "category": "external",
          "summary": "RHBZ#1716992",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716992"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10126",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-10126"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10126",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10126"
        }
      ],
      "release_date": "2019-05-31T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-01-21T15:53:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0174"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c"
    },
    {
      "cve": "CVE-2019-11487",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "discovery_date": "2019-04-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1703063"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel\u0027s implementation of the FUSE filesystem, where it allows a page reference counter overflow. If a page reference counter overflows into a negative value, it can be placed back into the \"free\" list for reuse by other applications. This flaw allows a local attacker who can manipulate memory page reference counters to cause memory corruption and possible privilege escalation by triggering a use-after-free condition.\r\n\r\nThe current attack requires the system to have approximately 140 GB of RAM for this attack to be performed. It may be possible that the attack can occur with fewer memory requirements.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: Count overflow in FUSE request leading to use-after-free issues.",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-11487"
        },
        {
          "category": "external",
          "summary": "RHBZ#1703063",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703063"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11487",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-11487"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11487",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11487"
        }
      ],
      "release_date": "2019-04-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-01-21T15:53:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0174"
        },
        {
          "category": "workaround",
          "details": "Preventing loading of the \u0027fuse\u0027 kernel module will prevent attackers from using this exploit against the system; howeve the functionality of being able to access the filesystems that would  be allowed by fuse would no longer be allowed . See \u201cHow do I blacklist a kernel module to prevent it from loading automatically?\" ( https://access.redhat.com/solutions/41278) for instructions on how to disable the \u0027fuse\u0027 kernel module from autoloading. This mitigation may not be suitable if access to the functionality provided by fuse is required.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: Count overflow in FUSE request leading to use-after-free issues."
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Huangwen"
          ],
          "organization": "ADLab of Venustech"
        }
      ],
      "cve": "CVE-2019-14814",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "discovery_date": "2019-08-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1744130"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Linux kernel\u2019s implementation of the Marvell wifi driver, which can allow a local user who has CAP_NET_ADMIN or administrative privileges to possibly cause a Denial Of Service (DOS) by corrupting memory and possible code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-14814"
        },
        {
          "category": "external",
          "summary": "RHBZ#1744130",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744130"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14814",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-14814"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14814",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14814"
        },
        {
          "category": "external",
          "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7caac62ed598a196d6ddf8d9c121e12e082cac3a",
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7caac62ed598a196d6ddf8d9c121e12e082cac3a"
        }
      ],
      "release_date": "2019-08-28T10:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-01-21T15:53:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0174"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: heap overflow in mwifiex_set_uap_rates() function of Marvell Wifi Driver leading to DoS"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Huangwen"
          ],
          "organization": "ADLab of Venustech"
        }
      ],
      "cve": "CVE-2019-14815",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "discovery_date": "2019-08-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1744137"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability found in the Linux kernel\u0027s WMM implementation for Marvell WiFi-based hardware (mwifiex) could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attacker must be both local and privileged. There is no mitigation to this flaw. A patch has been provided to remediate this flaw.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-14815"
        },
        {
          "category": "external",
          "summary": "RHBZ#1744137",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744137"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14815",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-14815"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14815",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14815"
        }
      ],
      "release_date": "2019-08-28T10:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-01-21T15:53:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0174"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Huangwen"
          ],
          "organization": "ADLab of Venustech"
        }
      ],
      "cve": "CVE-2019-14816",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "discovery_date": "2019-08-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1744149"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Linux kernel\u0027s Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This flaw affects the network interface at the most basic level meaning the attacker only needs to affiliate with the same network device as the vulnerable system to create an attack path.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-14816"
        },
        {
          "category": "external",
          "summary": "RHBZ#1744149",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744149"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14816",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-14816"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14816",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14816"
        },
        {
          "category": "external",
          "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7caac62ed598a196d6ddf8d9c121e12e082cac3a",
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7caac62ed598a196d6ddf8d9c121e12e082cac3a"
        }
      ],
      "release_date": "2019-08-28T10:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-01-21T15:53:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0174"
        },
        {
          "category": "workaround",
          "details": "At this time there is no mitigation to the flaw, if you are able to disable wireless and your system is able to work this will be a temporary mitigation until a kernel update is available for installation.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver"
    },
    {
      "cve": "CVE-2019-17133",
      "cwe": {
        "id": "CWE-120",
        "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
      },
      "discovery_date": "2019-10-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1771909"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in the Linux kernel\u0027s generic WiFi ESSID handling implementation. The flaw allows a system to join a wireless network where the ESSID is longer than the maximum length of 32 characters, which can cause the system to crash or execute code.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17133"
        },
        {
          "category": "external",
          "summary": "RHBZ#1771909",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771909"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17133",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17133"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17133",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17133"
        }
      ],
      "release_date": "2019-10-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-01-21T15:53:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0174"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c"
    },
    {
      "cve": "CVE-2019-18660",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2019-11-15T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1777825"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the way the Linux kernel implemented a software flush of the Count Cache (indirect branch cache) and Link (Return Address) Stack on the PowerPC platform. The flushing of these structures helps to prevent SpectreRSB like attacks which may leak information from one user process to another. An unprivileged user could use this flaw to cross the syscall or process boundary and read privileged memory by conducting targeted cache side-channel attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects versions of the kernel package as shipped with Red Hat Enterprise Linux 6, 7 and 8. Future kernel updates for Red Hat Enterprise Linux 6, 7 and 8 may address this issue.\n\nThis issue does not affect the version of the kernel package as shipped with Red Hat Enterprise MRG 2.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
          "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
          "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
          "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-18660"
        },
        {
          "category": "external",
          "summary": "RHBZ#1777825",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777825"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-18660",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-18660"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-18660",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18660"
        }
      ],
      "release_date": "2019-11-28T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-01-21T15:53:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
          "product_ids": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2020:0174"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.17.1.el7a.src",
            "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.17.1.el7a.noarch",
            "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.17.1.el7a.ppc64le",
            "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.17.1.el7a.ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.