rhsa-2020_0740
Vulnerability from csaf_redhat
Published
2020-03-09 14:35
Modified
2024-09-16 03:29
Summary
Red Hat Security Advisory: kernel-alt security and bug fix update
Notes
Topic
An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
* kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666)
* kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871)
* kernel: Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459)
* kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460)
* kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884)
* kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception (CVE-2019-15030)
* kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916)
* kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c (CVE-2019-18805)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* lpfc: NVMe/FC target test machine rhel-storage-62 crashes on boot when connected to FC switch (BZ#1623205)
* kernel BUG at fs/nfs_common/grace.c:107! (BZ#1637543)
* RHEL-Alt-7.6 - Need a fix for kernel bug cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() (BZ#1711934)
* Backport "fs/dcache.c: add cond_resched() in shrink_dentry_list()" (32785c0539b7) [rhel-alt-7.6.z] (BZ#1758861)
* [RHEL-ALT-7.6.z][arm64] iommu/iova: Fix tracking of recently failed iova address (BZ#1780500)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-alt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es):\n\n* kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666)\n\n* kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871)\n\n* kernel: Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459)\n\n* kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460)\n\n* kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884)\n\n* kernel: powerpc: local user can read vector registers of other users\u0027 processes via a Facility Unavailable exception (CVE-2019-15030)\n\n* kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916)\n\n* kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c (CVE-2019-18805)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* lpfc: NVMe/FC target test machine rhel-storage-62 crashes on boot when connected to FC switch (BZ#1623205)\n\n* kernel BUG at fs/nfs_common/grace.c:107! (BZ#1637543)\n\n* RHEL-Alt-7.6 - Need a fix for kernel bug cap_inode_getsecurity: use d_find_any_alias() instead of d_find_alias() (BZ#1711934)\n\n* Backport \"fs/dcache.c: add cond_resched() in shrink_dentry_list()\" (32785c0539b7) [rhel-alt-7.6.z] (BZ#1758861)\n\n* [RHEL-ALT-7.6.z][arm64] iommu/iova: Fix tracking of recently failed iova address (BZ#1780500)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:0740",
"url": "https://access.redhat.com/errata/RHSA-2020:0740"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1655162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655162"
},
{
"category": "external",
"summary": "1663176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663176"
},
{
"category": "external",
"summary": "1663179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663179"
},
{
"category": "external",
"summary": "1709837",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709837"
},
{
"category": "external",
"summary": "1750813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750813"
},
{
"category": "external",
"summary": "1759313",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1759313"
},
{
"category": "external",
"summary": "1763690",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1763690"
},
{
"category": "external",
"summary": "1771496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771496"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2020/rhsa-2020_0740.json"
}
],
"title": "Red Hat Security Advisory: kernel-alt security and bug fix update",
"tracking": {
"current_release_date": "2024-09-16T03:29:28+00:00",
"generator": {
"date": "2024-09-16T03:29:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2020:0740",
"initial_release_date": "2020-03-09T14:35:10+00:00",
"revision_history": [
{
"date": "2020-03-09T14:35:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-03-09T14:35:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T03:29:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-bootwrapper@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "perf-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "perf-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf-debuginfo@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"product": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"product_id": "kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.14.0-115.18.1.el7a?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"product": {
"name": "kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"product_id": "kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.14.0-115.18.1.el7a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"product": {
"name": "kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"product_id": "kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.14.0-115.18.1.el7a?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-alt-0:4.14.0-115.18.1.el7a.src",
"product": {
"name": "kernel-alt-0:4.14.0-115.18.1.el7a.src",
"product_id": "kernel-alt-0:4.14.0-115.18.1.el7a.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-alt@4.14.0-115.18.1.el7a?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-alt-0:4.14.0-115.18.1.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src"
},
"product_reference": "kernel-alt-0:4.14.0-115.18.1.el7a.src",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.14.0-115.18.1.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch"
},
"product_reference": "kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "perf-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-alt-0:4.14.0-115.18.1.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src"
},
"product_reference": "kernel-alt-0:4.14.0-115.18.1.el7a.src",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.14.0-115.18.1.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch"
},
"product_reference": "kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "perf-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
},
"product_reference": "python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Hangbin Liu"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Jasu Liedes"
],
"organization": "Synopsys SIG"
}
],
"cve": "CVE-2018-16871",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2018-11-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1655162"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-16871"
},
{
"category": "external",
"summary": "RHBZ#1655162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655162"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-16871",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16871"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-16871",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16871"
}
],
"release_date": "2019-06-03T02:23:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence"
},
{
"cve": "CVE-2019-3459",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-01-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1663176"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of Logical Link Control and Adaptation Protocol (L2CAP), part of the Bluetooth stack. An attacker, within the range of standard Bluetooth transmissions, can create and send a specially crafted packet. The response to this specially crafted packet can contain part of the kernel stack which can be used in a further attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Heap address information leak while using L2CAP_GET_CONF_OPT",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3459"
},
{
"category": "external",
"summary": "RHBZ#1663176",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663176"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3459",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3459"
}
],
"release_date": "2019-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0740"
},
{
"category": "workaround",
"details": "- Disabling the bluetooth hardware in the bios.\n- Prevent loading of the bluetooth kernel modules.\n- Disable the bluetooth connection by putting the system in \"airport\" mode.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Heap address information leak while using L2CAP_GET_CONF_OPT"
},
{
"cve": "CVE-2019-3460",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-01-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1663179"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_parse_conf_rsp and l2cap_parse_conf_req functions. An attacker with physical access within the range of standard Bluetooth transmission can create a specially crafted packet. The response to this specially crafted packet can contain part of the kernel stack which can be used in a further attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3460"
},
{
"category": "external",
"summary": "RHBZ#1663179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663179"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3460",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3460"
}
],
"release_date": "2019-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0740"
},
{
"category": "workaround",
"details": "- Disabling the bluetooth hardware in the bios.\n- Prevent loading of the bluetooth kernel modules.\n- Disable the bluetooth connection by putting the system in \"airport\" mode.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP"
},
{
"cve": "CVE-2019-11884",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-05-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1709837"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of the Bluetooth Human Interface Device Protocol (HIDP). A local attacker with access permissions to the Bluetooth device can issue an IOCTL which will trigger the do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c.c. This function can leak potentially sensitive information from the kernel stack memory via a HIDPCONNADD command because a name field may not be correctly NULL terminated.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11884"
},
{
"category": "external",
"summary": "RHBZ#1709837",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709837"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11884",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11884"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11884",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11884"
}
],
"release_date": "2019-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command"
},
{
"cve": "CVE-2019-15030",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-10-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1759313"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in the Linux kernel on the PowerPC platform, was found where a local user can read vector registers of other user processes (via a Facility Unavailable exception). An attacker must start a transaction when the FPU operation begins or there is no leakage. Vector registers will become corrupted with values from the different local Linux processes, because of the missing check inside arch/powerpc/kernel/process.c. The highest threat from this vulnerability is confidentiality of data and availability of the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: powerpc: local user can read vector registers of other users\u0027 processes via a Facility Unavailable exception",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-15030"
},
{
"category": "external",
"summary": "RHBZ#1759313",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1759313"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-15030",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15030"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15030",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15030"
}
],
"release_date": "2019-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0740"
},
{
"category": "workaround",
"details": "When applicable rely on FPU emulation (for example by rebuilding the critical services code) instead of the hardware FPU.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: powerpc: local user can read vector registers of other users\u0027 processes via a Facility Unavailable exception"
},
{
"cve": "CVE-2019-15916",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-09-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1750813"
}
],
"notes": [
{
"category": "description",
"text": "A flaw that allowed an attacker to leak kernel memory was found in the network subsystem where an attacker with permissions to create tun/tap devices can create a denial of service and panic the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-15916"
},
{
"category": "external",
"summary": "RHBZ#1750813",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750813"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-15916",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15916"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15916",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15916"
}
],
"release_date": "2019-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service"
},
{
"cve": "CVE-2019-17666",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2019-10-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1763690"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of the RealTek wireless drivers WiFi-direct (or WiFi peer-to-peer) driver implementation. When the RealTek wireless networking hardware is configured to accept WiFi-Direct or WiFi P2P connections, an attacker within the wireless network connectivity radio range can exploit a flaw in the WiFi-direct protocol known as \"Notice of Absence\" by creating specially crafted frames which can then corrupt kernel memory as the upper bounds on the length of the frame is unchecked and supplied by the incoming packet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-17666"
},
{
"category": "external",
"summary": "RHBZ#1763690",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1763690"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-17666",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17666"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17666",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17666"
},
{
"category": "external",
"summary": "https://arstechnica.com/information-technology/2019/10/unpatched-linux-flaw-may-let-attackers-crash-or-compromise-nearby-devices/",
"url": "https://arstechnica.com/information-technology/2019/10/unpatched-linux-flaw-may-let-attackers-crash-or-compromise-nearby-devices/"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8c55dedb795be8ec0cf488f98c03a1c2176f7fb1",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8c55dedb795be8ec0cf488f98c03a1c2176f7fb1"
}
],
"release_date": "2019-10-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0740"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow"
},
{
"cve": "CVE-2019-18805",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2019-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1771496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was reported in the Linux kernel\u0027s TCP subsystem while calculating a packet round trip time, when a sysctl parameter (/proc/sys/net/ipv4/tcp_min_rtt_wlen) is set incorrectly. This causes an integer overflow which can lead to a denial Of service (DOS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-18805"
},
{
"category": "external",
"summary": "RHBZ#1771496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-18805",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-18805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18805"
}
],
"release_date": "2019-04-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:0740"
},
{
"category": "workaround",
"details": "This flaw can be mitigated by setting the sysctl parameter (/proc/sys/net/ipv4/tcp_min_rtt_wlen) with 300 which means the packet time will not exceed more then 5 minutes and which should not cause an integer overflow.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.18.1.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.18.1.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.18.1.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.18.1.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c"
}
]
}
Loading...