rhsa-2020_0204
Vulnerability from csaf_redhat
Published
2020-01-22 21:26
Modified
2024-11-15 08:27
Summary
Red Hat Security Advisory: kernel security and bug fix update
Notes
Topic
An update for kernel is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207)
* hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135)
* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)
* hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155)
* Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)
* Kernel: page cache side channel attacks (CVE-2019-5489)
* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)
* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)
* kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)
* Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)
* kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901)
* hw: Intel GPU Denial Of Service while accessing MMIO in lower power state (CVE-2019-0154)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Backport TCP follow-up for small buffers (BZ#1739184)
* TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)
* RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test (Marvell/Cavium/QLogic) (L3:) (BZ#1743548)
* block: blk-mq improvement (BZ#1780567)
* RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781111)
* blk-mq: overwirte performance drops on real MQ device (BZ#1782183)
* RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads to drain out system memory quickly. (BZ#1782705)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207)\n\n* hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135)\n\n* kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884)\n\n* hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155)\n\n* Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)\n\n* Kernel: page cache side channel attacks (CVE-2019-5489)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\n* kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)\n\n* Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)\n\n* kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901)\n\n* hw: Intel GPU Denial Of Service while accessing MMIO in lower power state (CVE-2019-0154)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Backport TCP follow-up for small buffers (BZ#1739184)\n\n* TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)\n\n* RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test (Marvell/Cavium/QLogic) (L3:) (BZ#1743548)\n\n* block: blk-mq improvement (BZ#1780567)\n\n* RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781111)\n\n* blk-mq: overwirte performance drops on real MQ device (BZ#1782183)\n\n* RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads to drain out system memory quickly. (BZ#1782705)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:0204", "url": "https://access.redhat.com/errata/RHSA-2020:0204" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/security/vulnerabilities/ifu-page-mce", "url": "https://access.redhat.com/security/vulnerabilities/ifu-page-mce" }, { "category": "external", "summary": "1646768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646768" }, { "category": "external", "summary": "1660375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660375" }, { "category": "external", "summary": "1664110", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664110" }, { "category": "external", "summary": "1698757", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698757" }, { "category": "external", "summary": "1716992", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716992" }, { "category": "external", "summary": "1724393", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724393" }, { "category": "external", "summary": "1724398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724398" }, { "category": "external", "summary": "1727857", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727857" }, { "category": "external", "summary": "1744149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744149" }, { "category": "external", "summary": "1746708", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746708" }, { "category": "external", "summary": "1753062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753062" }, { "category": "external", "summary": "1773519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1773519" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_0204.json" } ], "title": "Red Hat Security Advisory: kernel security and bug fix update", "tracking": { "current_release_date": "2024-11-15T08:27:37+00:00", "generator": { "date": "2024-11-15T08:27:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:0204", "initial_release_date": "2020-01-22T21:26:18+00:00", "revision_history": [ { "date": "2020-01-22T21:26:18+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-01-22T21:26:18+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:27:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product": { "name": "Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_e4s:8.0::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-core@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "perf-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "perf-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "perf-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-80.15.1.el8_0?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product": { "name": "python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product_id": "python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-80.15.1.el8_0?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-core@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "perf-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "perf-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-80.15.1.el8_0?arch=x86_64" } } }, { "category": "product_version", "name": "python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product": { "name": "python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product_id": "python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-80.15.1.el8_0?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-0:4.18.0-80.15.1.el8_0.src", "product": { "name": "kernel-0:4.18.0-80.15.1.el8_0.src", "product_id": "kernel-0:4.18.0-80.15.1.el8_0.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-80.15.1.el8_0?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "product": { "name": "kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "product_id": "kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.18.0-80.15.1.el8_0?arch=noarch" } } }, { "category": "product_version", "name": "kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "product": { "name": "kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "product_id": "kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-doc@4.18.0-80.15.1.el8_0?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-80.15.1.el8_0.src as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src" }, "product_reference": "kernel-0:4.18.0-80.15.1.el8_0.src", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch" }, "product_reference": "kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-doc-0:4.18.0-80.15.1.el8_0.noarch as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch" }, "product_reference": "kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "perf-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "perf-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v. 8.0)", "product_id": "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "relates_to_product_reference": "BaseOS-8.0.0.Z.E4S" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Intel" ] }, { "names": [ "Deepak Gupta" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2018-12207", "cwe": { "id": "CWE-226", "name": "Sensitive Information in Resource Not Removed Before Reuse" }, "discovery_date": "2018-11-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1646768" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU\u0027s local cache and system software\u0027s Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor, resulting in a severe DoS scenario by halting the processor.\r\n\r\nSystem software like OS OR Virtual Machine Monitor (VMM) use virtual memory system for storing program instructions and data in memory. Virtual Memory system uses Paging structures like Page Tables and Page Directories to manage system memory. The processor\u0027s Memory Management Unit (MMU) uses Paging structure entries to translate program\u0027s virtual memory addresses to physical memory addresses. The processor stores these address translations into its local cache buffer called - Translation Lookaside Buffer (TLB). TLB has two parts, one for instructions and other for data addresses.\r\n\r\nSystem software can modify its Paging structure entries to change address mappings OR certain attributes like page size etc. Upon such Paging structure alterations in memory, system software must invalidate the corresponding address translations in the processor\u0027s TLB cache. But before this TLB invalidation takes place, a privileged guest user may trigger an instruction fetch operation, which could use an already cached, but now invalid, virtual to physical address translation from Instruction TLB (ITLB). Thus accessing an invalid physical memory address and resulting in halting the processor due to the Machine Check Error (MCE) on Page Size Change.", "title": "Vulnerability description" }, { "category": "summary", "text": "hw: Machine Check Error on Page Size Change (IFU)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-12207" }, { "category": "external", "summary": "RHBZ#1646768", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646768" }, { "category": "external", "summary": "RHSB-ifu-page-mce", "url": "https://access.redhat.com/security/vulnerabilities/ifu-page-mce" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-12207", "url": "https://www.cve.org/CVERecord?id=CVE-2018-12207" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12207", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12207" }, { "category": "external", "summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00210.html" } ], "release_date": "2019-11-12T18:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-22T21:26:18+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2020:0204" }, { "category": "workaround", "details": "For mitigation related information, please refer to the Red Hat vulnerability article: https://access.redhat.com/security/vulnerabilities/ifu-page-mce .", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" }, "products": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "hw: Machine Check Error on Page Size Change (IFU)" }, { "acknowledgments": [ { "names": [ "Evgenii Shatokhin", "Vasily Averin" ], "organization": "Virtuozzo" } ], "cve": "CVE-2018-16884", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2018-12-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1660375" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory corruption and a system panic. Due to the nature of the flaw, privilege escalation cannot be fully ruled out.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: nfs: use-after-free in svc_process_common()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-16884" }, { "category": "external", "summary": "RHBZ#1660375", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660375" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-16884", "url": "https://www.cve.org/CVERecord?id=CVE-2018-16884" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-16884", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16884" } ], "release_date": "2018-11-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-22T21:26:18+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2020:0204" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H", "version": "3.0" }, "products": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: nfs: use-after-free in svc_process_common()" }, { "acknowledgments": [ { "names": [ "Intel" ] } ], "cve": "CVE-2019-0154", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2019-06-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1724393" } ], "notes": [ { "category": "description", "text": "A flaw was found in Intel graphics hardware (GPU) where a local attacker with the ability to issue an ioctl could trigger a hardware level crash if MMIO registers were read while the graphics card was in a low-power state. This creates a denial of service situation and the GPU and connected displays will remain unusable until a reboot occurs.", "title": "Vulnerability description" }, { "category": "summary", "text": "hw: Intel GPU Denial Of Service while accessing MMIO in lower power state", "title": "Vulnerability summary" }, { "category": "other", "text": "Intel plans to release BIOS firmware to correct this issue. Red Hat\u0027s kernel update should mitigate this vulnerability. Some older hardware will not have BIOS firmware update and will rely on operating system level protection to prevent access while the device is in low-power states. For more information see https://access.redhat.com/solutions/i915-graphics", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-0154" }, { "category": "external", "summary": "RHBZ#1724393", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724393" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-0154", "url": "https://www.cve.org/CVERecord?id=CVE-2019-0154" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0154", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0154" }, { "category": "external", "summary": "https://access.redhat.com/solutions/i915-graphics", "url": "https://access.redhat.com/solutions/i915-graphics" }, { "category": "external", "summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00260.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00260.html" } ], "release_date": "2019-11-12T18:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-22T21:26:18+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2020:0204" }, { "category": "workaround", "details": "Preventing loading of the i915 kernel module will prevent attackers from using this exploit against the system however the power management functionality of the card will be disabled and the system may draw additional power. See this KCS article (https://access.redhat.com/solutions/41278) for instructions on how to disable a kernel module. Graphical displays may also be at low resolution or not work correctly. This mitigation may not be suitable if running graphical tools locally is required.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" }, "products": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hw: Intel GPU Denial Of Service while accessing MMIO in lower power state" }, { "acknowledgments": [ { "names": [ "Intel" ] } ], "cve": "CVE-2019-0155", "cwe": { "id": "CWE-284", "name": "Improper Access Control" }, "discovery_date": "2019-06-27T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1724398" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Intel graphics hardware (GPU), where a local attacker with the ability to issue commands to the GPU could inadvertently lead to memory corruption and possible privilege escalation. The attacker could use the GPU blitter to perform privilege MMIO operations, not limited to the address space required to function correctly.", "title": "Vulnerability description" }, { "category": "summary", "text": "hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/i915-graphics", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-0155" }, { "category": "external", "summary": "RHBZ#1724398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724398" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-0155", "url": "https://www.cve.org/CVERecord?id=CVE-2019-0155" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0155", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0155" }, { "category": "external", "summary": "https://access.redhat.com/solutions/i915-graphics", "url": "https://access.redhat.com/solutions/i915-graphics" }, { "category": "external", "summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html" } ], "release_date": "2019-11-12T18:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-22T21:26:18+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2020:0204" }, { "category": "workaround", "details": "Preventing loading of the i915 kernel module will prevent attackers from using this exploit against the system however the power management functionality of the card will be disabled and the system may draw additional power. See this KCS article( https://access.redhat.com/solutions/41278 ) for instructions on how to disable a kernel module. Graphical displays may also be at low resolution or not work correctly. This mitigation may not be suitable if running graphical tools locally is required.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0" }, "products": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write" }, { "acknowledgments": [ { "names": [ "Jason Wang" ], "organization": "Red Hat Inc.", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2019-3900", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": "2019-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1698757" } ], "notes": [ { "category": "description", "text": "An infinite loop issue was found in the vhost_net kernel module while handling incoming packets in handle_rx(). The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhost_net kernel thread, resulting in a DoS scenario.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: vhost_net: infinite loop while receiving packets leads to DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.\n\nThis issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 6 and 7. Future kernel updates for Red Hat Enterprise Linux 6 and 7 may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3900" }, { "category": "external", "summary": "RHBZ#1698757", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1698757" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3900", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3900" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3900", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3900" } ], "release_date": "2019-04-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-22T21:26:18+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2020:0204" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.0" }, "products": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Kernel: vhost_net: infinite loop while receiving packets leads to DoS" }, { "cve": "CVE-2019-5489", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1664110" } ], "notes": [ { "category": "description", "text": "A new software page cache side channel attack scenario was discovered in operating systems that implement the very common \u0027page cache\u0027 caching mechanism. A malicious user/process could use \u0027in memory\u0027 page-cache knowledge to infer access timings to shared memory and gain knowledge which can be used to reduce effectiveness of cryptographic strength by monitoring algorithmic behavior, infer access patterns of memory to determine code paths taken, and exfiltrate data to a blinded attacker through page-granularity access times as a side-channel.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: page cache side channel attacks", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-5489" }, { "category": "external", "summary": "RHBZ#1664110", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1664110" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-5489", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5489" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-5489", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5489" } ], "release_date": "2019-01-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-22T21:26:18+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2020:0204" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:N", "version": "3.0" }, "products": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Kernel: page cache side channel attacks" }, { "cve": "CVE-2019-9506", "cwe": { "id": "CWE-327", "name": "Use of a Broken or Risky Cryptographic Algorithm" }, "discovery_date": "2019-06-11T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1727857" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in the Bluetooth protocol. An attacker within physical proximity to the Bluetooth connection could downgrade the encryption protocol to be trivially brute forced.", "title": "Vulnerability description" }, { "category": "summary", "text": "hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9506" }, { "category": "external", "summary": "RHBZ#1727857", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727857" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9506", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9506" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9506", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9506" } ], "release_date": "2019-08-10T09:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-22T21:26:18+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2020:0204" }, { "category": "workaround", "details": "At this time there is no known mitigation if bluetooth hardware is to be continue to be used. Replacing the hardware with its wired version and disabling bluetooth may be a suitable alternative for some environments.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.0" }, "products": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)" }, { "acknowledgments": [ { "names": [ "huangwen" ], "organization": "ADLab of Venustech" } ], "cve": "CVE-2019-10126", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2019-05-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1716992" } ], "notes": [ { "category": "description", "text": "A flaw was found in the mwifiex implementation in the Linux kernel. A system connecting to wireless access point could be manipulated by an attacker with advanced permissions on the access point into localized memory corruption or possibly privilege escalation.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10126" }, { "category": "external", "summary": "RHBZ#1716992", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716992" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10126", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10126" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10126", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10126" } ], "release_date": "2019-05-31T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-22T21:26:18+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2020:0204" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c" }, { "acknowledgments": [ { "names": [ "Intel" ] } ], "cve": "CVE-2019-11135", "cwe": { "id": "CWE-203", "name": "Observable Discrepancy" }, "discovery_date": "2019-09-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1753062" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort (TAA) error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow information disclosure via this observed side-channel for any TSX transaction being executed while an attacker is able to observe abort timing.\r\n\r\nIntel\u0027s Transactional Synchronisation Extensions (TSX) are set of instructions which enable transactional memory support to improve performance of the multi-threaded applications, in the lock-protected critical sections. The CPU executes instructions in the critical-sections as transactions, while ensuring their atomic state. When such transaction execution is unsuccessful, the processor cannot ensure atomic updates to the transaction memory, so the processor rolls back or aborts such transaction execution.\r\n\r\nWhile TSX Asynchronous Abort (TAA) is pending, CPU may continue to read data from architectural buffers and pass it to the dependent speculative operations. This may cause information leakage via speculative side-channel means, which is quite similar to the Microarchitectural Data Sampling (MDS) issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "hw: TSX Transaction Asynchronous Abort (TAA)", "title": "Vulnerability summary" }, { "category": "other", "text": "libvirt and qemu-kvm on Red Hat Enterprise Linux 6 are not affected by this vulnerability as they do not support MSR-based CPU features.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11135" }, { "category": "external", "summary": "RHBZ#1753062", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753062" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11135", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11135" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11135", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11135" }, { "category": "external", "summary": "https://access.redhat.com/solutions/tsx-asynchronousabort", "url": "https://access.redhat.com/solutions/tsx-asynchronousabort" }, { "category": "external", "summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00270.html" } ], "release_date": "2019-11-12T18:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-22T21:26:18+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2020:0204" }, { "category": "workaround", "details": "For mitigation related information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/solutions/tsx-asynchronousabort", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "hw: TSX Transaction Asynchronous Abort (TAA)" }, { "acknowledgments": [ { "names": [ "Huangwen" ], "organization": "ADLab of Venustech" } ], "cve": "CVE-2019-14816", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2019-08-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1744149" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel\u0027s Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This flaw affects the network interface at the most basic level meaning the attacker only needs to affiliate with the same network device as the vulnerable system to create an attack path.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14816" }, { "category": "external", "summary": "RHBZ#1744149", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744149" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14816", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14816" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14816", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14816" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7caac62ed598a196d6ddf8d9c121e12e082cac3a", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7caac62ed598a196d6ddf8d9c121e12e082cac3a" } ], "release_date": "2019-08-28T10:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-22T21:26:18+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2020:0204" }, { "category": "workaround", "details": "At this time there is no mitigation to the flaw, if you are able to disable wireless and your system is able to work this will be a temporary mitigation until a kernel update is available for installation.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver" }, { "acknowledgments": [ { "names": [ "Matt Delco" ], "organization": "Google.com" } ], "cve": "CVE-2019-14821", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2019-08-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1746708" } ], "notes": [ { "category": "description", "text": "An out-of-bounds access issue was found in the way Linux kernel\u0027s KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer \u0027struct kvm_coalesced_mmio\u0027 object, wherein write indices \u0027ring-\u003efirst\u0027 and \u0027ring-\u003elast\u0027 value could be supplied by a host user-space process. An unprivileged host user or process with access to \u0027/dev/kvm\u0027 device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: KVM: OOB memory access via mmio ring buffer", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue requires unprivileged users to have access to \u0027/dev/kvm\u0027 device. So restricting access to \u0027/dev/kvm\u0027 device to known trusted users could limit its exploitation by untrusted users/processes.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14821" }, { "category": "external", "summary": "RHBZ#1746708", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746708" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14821", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14821" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14821", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14821" } ], "release_date": "2019-09-17T17:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-22T21:26:18+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2020:0204" }, { "category": "workaround", "details": "Restrict access to the \u0027/dev/kvm\u0027 device to trusted users.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "Kernel: KVM: OOB memory access via mmio ring buffer" }, { "acknowledgments": [ { "names": [ "Huangwen and Wang Qize" ], "organization": "ADLab of VenusTech" } ], "cve": "CVE-2019-14901", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2019-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1773519" } ], "notes": [ { "category": "description", "text": "A heap overflow flaw was found in the Linux kernel\u0027s Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: heap overflow in marvell/mwifiex/tdls.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14901" }, { "category": "external", "summary": "RHBZ#1773519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1773519" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14901", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14901" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14901", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14901" } ], "release_date": "2019-11-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-01-22T21:26:18+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2020:0204" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:bpftool-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.src", "BaseOS-8.0.0.Z.E4S:kernel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-cross-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-core-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-devel-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-doc-0:4.18.0-80.15.1.el8_0.noarch", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-headers-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-modules-extra-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:kernel-tools-libs-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-0:4.18.0-80.15.1.el8_0.x86_64", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.ppc64le", "BaseOS-8.0.0.Z.E4S:python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: heap overflow in marvell/mwifiex/tdls.c" } ] }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.