rhsa-2020_1567
Vulnerability from csaf_redhat
Published
2020-04-28 15:41
Modified
2024-11-05 22:07
Summary
Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768)
* kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871)
* kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service (CVE-2019-8980)
* kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol. (CVE-2019-17053)
* kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol. (CVE-2019-17055)
* kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c (CVE-2019-18805)
* kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver (CVE-2019-19534)
* kernel: some ipv6 protocols not encrypted over ipsec tunnel. (CVE-2020-1749)
* Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR (CVE-2019-10639)
* kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure (CVE-2019-15090)
* kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash (CVE-2019-15099)
* kernel: Null pointer dereference in the sound/usb/line6/pcm.c (CVE-2019-15221)
* kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS (CVE-2019-19057)
* kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS) (CVE-2019-19073)
* kernel: a memory leak in the ath9k management function in allows local DoS (CVE-2019-19074)
* kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications (CVE-2019-19922)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* RT: update RT source tree to the RHEL-8.2 tree (BZ#1708716)
* KVM-RT guest fails boot with emulatorsched (BZ#1712781)
* 8 vCPU guest need max latency < 20 us with stress [RT-8.2] (BZ#1757165)
* Request nx_huge_pages=N as default value to avoid kvm-rt guest large latency spike [rt-8] (BZ#1788352)
* RT: Add rpm Provide of 'kernel' to indicate that this is a kernel package (BZ#1796284)
* [RHEL8] RT kernel signed by test certificate and not Red Hat Secure Boot (BZ#1806871)
Enhancement(s):
* update to the upstream 5.x RT patchset (BZ#1680161)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768)\n\n* kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871)\n\n* kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service (CVE-2019-8980)\n\n* kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol. (CVE-2019-17053)\n\n* kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol. (CVE-2019-17055)\n\n* kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c (CVE-2019-18805)\n\n* kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver (CVE-2019-19534)\n\n* kernel: some ipv6 protocols not encrypted over ipsec tunnel. (CVE-2020-1749)\n\n* Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR (CVE-2019-10639)\n\n* kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure (CVE-2019-15090)\n\n* kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash (CVE-2019-15099)\n\n* kernel: Null pointer dereference in the sound/usb/line6/pcm.c (CVE-2019-15221)\n\n* kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS (CVE-2019-19057)\n\n* kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS) (CVE-2019-19073)\n\n* kernel: a memory leak in the ath9k management function in allows local DoS (CVE-2019-19074)\n\n* kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications (CVE-2019-19922)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* RT: update RT source tree to the RHEL-8.2 tree (BZ#1708716)\n\n* KVM-RT guest fails boot with emulatorsched (BZ#1712781)\n\n* 8 vCPU guest need max latency \u003c 20 us with stress [RT-8.2] (BZ#1757165)\n\n* Request nx_huge_pages=N as default value to avoid kvm-rt guest large latency spike [rt-8] (BZ#1788352)\n\n* RT: Add rpm Provide of \u0027kernel\u0027 to indicate that this is a kernel package (BZ#1796284)\n\n* [RHEL8] RT kernel signed by test certificate and not Red Hat Secure Boot (BZ#1806871)\n\nEnhancement(s):\n\n* update to the upstream 5.x RT patchset (BZ#1680161)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:1567", "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index" }, { "category": "external", "summary": "1655162", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655162" }, { "category": "external", "summary": "1679972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679972" }, { "category": "external", "summary": "1708716", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708716" }, { "category": "external", "summary": "1712781", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1712781" }, { "category": "external", "summary": "1729933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729933" }, { "category": "external", "summary": "1743526", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743526" }, { "category": "external", "summary": "1743560", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743560" }, { "category": "external", "summary": "1749974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749974" }, { "category": "external", "summary": "1757165", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757165" }, { "category": "external", "summary": "1758242", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758242" }, { "category": "external", "summary": "1758248", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758248" }, { "category": "external", "summary": "1768730", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1768730" }, { "category": "external", "summary": "1771496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771496" }, { "category": "external", "summary": "1772738", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772738" }, { "category": "external", "summary": "1774933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774933" }, { "category": "external", "summary": "1774937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774937" }, { "category": "external", "summary": "1775050", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775050" }, { "category": "external", "summary": "1783540", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783540" }, { "category": "external", "summary": "1786164", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1786164" }, { "category": "external", "summary": "1788352", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1788352" }, { "category": "external", "summary": "1792512", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1792512" }, { "category": "external", "summary": "1796284", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796284" }, { "category": "external", "summary": "1806871", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806871" }, { "category": "external", "summary": "1809833", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809833" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1567.json" } ], "title": "Red Hat Security Advisory: kernel-rt security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-05T22:07:04+00:00", "generator": { "date": "2024-11-05T22:07:04+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2020:1567", "initial_release_date": "2020-04-28T15:41:38+00:00", "revision_history": [ { "date": "2020-04-28T15:41:38+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-04-28T15:41:38+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T22:07:04+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product": { "name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Real Time (v. 8)", "product": { "name": "Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::realtime" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-193.rt13.51.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "product": { "name": "kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "product_id": "kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-193.rt13.51.el8?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-193.rt13.51.el8.src", "product": { "name": "kernel-rt-0:4.18.0-193.rt13.51.el8.src", "product_id": "kernel-rt-0:4.18.0-193.rt13.51.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-193.rt13.51.el8?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-193.rt13.51.el8.src as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src" }, "product_reference": "kernel-rt-0:4.18.0-193.rt13.51.el8.src", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "NFV-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-193.rt13.51.el8.src as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src" }, "product_reference": "kernel-rt-0:4.18.0-193.rt13.51.el8.src", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "relates_to_product_reference": "RT-8.2.0.GA" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Hangbin Liu" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." }, { "names": [ "Jasu Liedes" ], "organization": "Synopsys SIG" } ], "cve": "CVE-2018-16871", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2018-11-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1655162" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s NFS implementation. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-16871" }, { "category": "external", "summary": "RHBZ#1655162", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1655162" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-16871", "url": "https://www.cve.org/CVERecord?id=CVE-2018-16871" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-16871", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16871" } ], "release_date": "2019-06-03T02:23:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence" }, { "cve": "CVE-2019-5108", "cwe": { "id": "CWE-440", "name": "Expected Behavior Violation" }, "discovery_date": "2020-01-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1789927" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u2019s implementation of the WiFi station handoff code. An attacker within the radio range could use this flaw to deny a valid device from joining the access point.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-5108" }, { "category": "external", "summary": "RHBZ#1789927", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1789927" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-5108", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5108" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-5108", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5108" } ], "release_date": "2019-12-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "At this time there is no known mitigations to this issue other than to install the updated kernel package.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: triggering AP to send IAPP location updates for stations before the required authentication process has completed can lead to DoS" }, { "cve": "CVE-2019-8980", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-02-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1679972" } ], "notes": [ { "category": "description", "text": "A kernel memory leak was found in the kernel_read_file() function in the fs/exec.c file in the Linux kernel. An attacker could use this flaw to cause a memory leak and thus a denial of service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-8980" }, { "category": "external", "summary": "RHBZ#1679972", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679972" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-8980", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8980" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-8980", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-8980" } ], "release_date": "2019-02-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: memory leak in the kernel_read_file function in fs/exec.c allows to cause a denial of service" }, { "cve": "CVE-2019-10639", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-07-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1729933" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe this IP ID field to extract the kernel\u00a0address bits used to derive its value, which may result in leaking the hash key and potentially defeating KASLR.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6.\n\nThis issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 7, 8 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 7, 8 and Red Hat Enterprise MRG 2 may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10639" }, { "category": "external", "summary": "RHBZ#1729933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729933" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10639", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10639" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10639", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10639" }, { "category": "external", "summary": "https://arxiv.org/pdf/1906.10478.pdf", "url": "https://arxiv.org/pdf/1906.10478.pdf" } ], "release_date": "2019-07-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR" }, { "cve": "CVE-2019-12819", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-06-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1721962" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Linux kernel\u0027s MDIO section of the network management subsystem. An attacker who is able to hot-plug a network device can trigger the __mdiobus_register() function in drivers/net/phy/mdio_bus.c, which can cause a use-after-free condition causing a memory corruption and kernel panic or privilege escalation.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in function __mdiobus_register() in drivers/net/phy/mdio_bus.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12819" }, { "category": "external", "summary": "RHBZ#1721962", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1721962" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12819", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12819" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12819", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12819" } ], "release_date": "2019-06-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: use-after-free in function __mdiobus_register() in drivers/net/phy/mdio_bus.c" }, { "cve": "CVE-2019-15090", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2019-08-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1743526" } ], "notes": [ { "category": "description", "text": "An out-of-bounds (OOB) memory access flaw was found in the Qlogic ISCSI module in the Linux kernel\u0027s qedi_dbg_* family of functions in drivers/scsi/qedi/qedi_dbg.c. Here a local attacker with a special user privilege account (or a root) can cause an out-of-bound memory access leading to a system crash or a leak of internal kernel information.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-15090" }, { "category": "external", "summary": "RHBZ#1743526", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743526" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-15090", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15090" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15090", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15090" } ], "release_date": "2019-08-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: An out-of-bounds read in drivers/scsi/qedi/qedi_dbg.c leading to crash or information disclosure" }, { "cve": "CVE-2019-15099", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-08-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1743560" } ], "notes": [ { "category": "description", "text": "A null pointer dereference flaw was discovered in the Linux kernel\u0027s implementation of the ath10k USB device driver. The vulnerability requires the attacker to plug in a specially crafted hardware device that present endpoint descriptors that normal ath10k devices do not recognize. System availability is the highest threat with this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-15099" }, { "category": "external", "summary": "RHBZ#1743560", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743560" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-15099", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15099" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15099", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15099" } ], "release_date": "2019-08-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "As the ath10k module will be auto-loaded when required, its use can be disabled by preventing the module from loading using the following instructions.\n\nOn the command line, as root, execute the following command:\n# echo \"install ath10k_usb /bin/true\" \u003e\u003e /etc/modprobe.d/disable-ath10k_usb.conf \n \nThe system will need to be restarted if the ath10k_usb module are loaded. In most circumstances, the kernel modules will be unable to be unloaded while the ath10k WiFi network interface is in use. If the system requires this module to work correctly, this mitigation may not be suitable.\n\nIf you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: a NULL pointer dereference in drivers/net/wireless/ath/ath10k/usb.c leads to a crash" }, { "cve": "CVE-2019-15221", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2019-08-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1749974" } ], "notes": [ { "category": "description", "text": "A NULL pointer dereference flaw was found in the way the LINE6 drivers in the Linux kernel allocated buffers for USB packets. This flaw allows an attacker with physical access to the system to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Null pointer dereference in the sound/usb/line6/pcm.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Low impact because of the physical access needed to trigger this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-15221" }, { "category": "external", "summary": "RHBZ#1749974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749974" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-15221", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15221" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15221", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15221" } ], "release_date": "2019-08-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "To mitigate this issue, prevent module snd-usb-line6 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Null pointer dereference in the sound/usb/line6/pcm.c" }, { "cve": "CVE-2019-15223", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2019-08-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1749976" } ], "notes": [ { "category": "description", "text": "A NULL pointer dereference flaw was found in the way the Line 6 POD USB driver in the Linux kernel handled disconnection. This flaw allows an attacker with physical access to the system to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Null pointer dereference in the sound/usb/line6/driver.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Low impact because of the physical access needed to trigger this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-15223" }, { "category": "external", "summary": "RHBZ#1749976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749976" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-15223", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15223" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15223", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15223" } ], "release_date": "2019-08-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "To mitigate this issue, prevent module snd-usb-line6 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Null pointer dereference in the sound/usb/line6/driver.c" }, { "cve": "CVE-2019-16234", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2019-10-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1760441" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. A check was not done on the alloc_workqueue return value of the iwl_trans_pcie_alloc function potentially leading to a NULL pointer dereference. This error condition could lead to a denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: null pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Low impact because of the preconditions needed to trigger the error/resource cleanup code path (system-wide out-of-memory condition, high privileges or physical access). The attacker would have to be able to induce system-wide out-of-memory condition which itself could be seen as a local denial of service. It could be argued that having such privileges has the same impact as the flaw itself.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16234" }, { "category": "external", "summary": "RHBZ#1760441", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760441" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16234", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16234" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16234", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16234" }, { "category": "external", "summary": "https://lkml.org/lkml/2019/9/9/487", "url": "https://lkml.org/lkml/2019/9/9/487" } ], "release_date": "2019-09-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: null pointer dereference in drivers/net/wireless/intel/iwlwifi/pcie/trans.c" }, { "cve": "CVE-2019-17053", "cwe": { "id": "CWE-250", "name": "Execution with Unnecessary Privileges" }, "discovery_date": "2019-10-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758242" } ], "notes": [ { "category": "description", "text": "A vulnerability was discovered in the Linux kernel\u0027s AF_IEEE802154 networking module where permissions checks are not enforced. This can allow an unprivileged user to create raw sockets for this protocol leading to the potential for data leaks or system unavailability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as moderate; there are no known exploits using this mechanism as an attack surface against the system affected by this bug.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17053" }, { "category": "external", "summary": "RHBZ#1758242", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758242" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17053", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17053" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17053", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17053" } ], "release_date": "2019-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: unprivileged users able to create RAW sockets in AF_IEEE802154 network protocol" }, { "cve": "CVE-2019-17055", "cwe": { "id": "CWE-250", "name": "Execution with Unnecessary Privileges" }, "discovery_date": "2019-10-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1758248" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel\u2019s implementation of the AF_ISDN protocol, which does not enforce the CAP_NET_RAW capability. This flaw can allow unprivileged users to create a raw socket for this protocol. This could further allow the user to control the availability of an existing ISDN circuit.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-17055" }, { "category": "external", "summary": "RHBZ#1758248", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758248" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17055", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17055" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17055", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17055" } ], "release_date": "2019-09-20T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "At this time the only known way to \u0027mitigate\u0027 this flaw is to blacklist the kernel module from being loaded. Creating raw sockets with this protocol is a method of communicating with ISDN hardware, a technology that is becoming less and less common.\n\nCheck https://access.redhat.com/solutions/41278 for instructions on how to disable the mISDN_core.ko module.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol" }, { "cve": "CVE-2019-18282", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2020-01-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1796360" } ], "notes": [ { "category": "description", "text": "A device tracking vulnerability was found in the flow_dissector feature in the Linux kernel. This flaw occurs because the auto flowlabel of the UDP IPv6 packet relies on a 32-bit hashmd value as a secret, and jhash (instead of siphash) is used. The hashmd value remains the same starting from boot time and can be inferred by an attacker.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: The flow_dissector feature allows device tracking", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-18282" }, { "category": "external", "summary": "RHBZ#1796360", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1796360" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-18282", "url": "https://www.cve.org/CVERecord?id=CVE-2019-18282" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-18282", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18282" } ], "release_date": "2019-10-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: The flow_dissector feature allows device tracking" }, { "cve": "CVE-2019-18805", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2019-11-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1771496" } ], "notes": [ { "category": "description", "text": "A flaw was reported in the Linux kernel\u0027s TCP subsystem while calculating a packet round trip time, when a sysctl parameter (/proc/sys/net/ipv4/tcp_min_rtt_wlen) is set incorrectly. This causes an integer overflow which can lead to a denial Of service (DOS) attack.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-18805" }, { "category": "external", "summary": "RHBZ#1771496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1771496" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-18805", "url": "https://www.cve.org/CVERecord?id=CVE-2019-18805" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-18805", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18805" } ], "release_date": "2019-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "This flaw can be mitigated by setting the sysctl parameter (/proc/sys/net/ipv4/tcp_min_rtt_wlen) with 300 which means the packet time will not exceed more then 5 minutes and which should not cause an integer overflow.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: integer overflow in tcp_ack_update_rtt in net/ipv4/tcp_input.c" }, { "cve": "CVE-2019-19045", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1774983" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. The Mellanox Technologies Innova driver mishandles resource cleanup on error. An attacker, able to trigger error could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: dos in mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Moderate impact because of the privileges needed to trigger the resource cleanup code path.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19045" }, { "category": "external", "summary": "RHBZ#1774983", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774983" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19045", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19045" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19045", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19045" } ], "release_date": "2019-11-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module mlx5_core. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: dos in mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c" }, { "cve": "CVE-2019-19047", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1774991" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the Mellanox 5th generation network adapters (ConnectX series) core driver in the Linux kernel handled resource cleanup in the mlx5_fw_fatal_reporter_dump function. This flaw allows an attacker with the ability to trigger errors in the mlx5_crdump_collect function to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: dos in mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Low impact because of the preconditions needed to trigger the resource cleanup code path.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19047" }, { "category": "external", "summary": "RHBZ#1774991", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774991" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19047", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19047" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19047", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19047" } ], "release_date": "2019-11-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module mlx5_core. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: dos in mlx5_fw_fatal_reporter_dump() function in drivers/net/ethernet/mellanox/mlx5/core/health.c" }, { "cve": "CVE-2019-19055", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-11-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1775074" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. The Wireless configuration API functionality mishandles resource cleanup in nl80211_get_ftm_responder_stats function. An attacker able to trigger the resource cleanup code path could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c allows DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Moderate impact because of the preconditions needed to trigger the resource cleanup code path.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19055" }, { "category": "external", "summary": "RHBZ#1775074", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775074" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19055", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19055" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19055", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19055" } ], "release_date": "2019-10-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module cfg80211. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: memory leak in the nl80211_get_ftm_responder_stats() function in net/wireless/nl80211.c allows DoS" }, { "cve": "CVE-2019-19057", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1775050" } ], "notes": [ { "category": "description", "text": "Two memory leak flaws were found in the Linux kernel\u0027s mwifiex_pcie_init_evt_ring() function. A local attacker, able to reload the kernel module or hotplug Marvell WiFi hardware using this driver, can cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19057" }, { "category": "external", "summary": "RHBZ#1775050", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775050" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19057", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19057" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19057", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19057" } ], "release_date": "2019-11-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS" }, { "cve": "CVE-2019-19058", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1775047" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. The Intel Wireless WiFi MVM Firmware driver mishandles resource cleanup during device coredump. An attacker able to trigger the device coredump and system-wide out of memory conditions at the same time could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allows for a DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Low impact because of the preconditions needed to trigger the resource cleanup code path (system-wide out-of-memory condition).", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19058" }, { "category": "external", "summary": "RHBZ#1775047", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775047" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19058", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19058" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19058", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19058" } ], "release_date": "2019-11-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module iwlmvm. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allows for a DoS" }, { "cve": "CVE-2019-19059", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1775042" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the Intel Wireless driver in the Linux kernel handled resource cleanup during Gen 3 device initialization. This flaw allows an attacker with the ability to restrict access to DMA coherent memory on device initialization, to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c allows for a DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Low impact because of the preconditions needed to trigger the resource cleanup code path (ability to restrict access to dma coherent memory on device initialization).", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19059" }, { "category": "external", "summary": "RHBZ#1775042", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775042" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19059", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19059" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19059", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19059" } ], "release_date": "2019-11-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module iwlwifi. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c allows for a DoS" }, { "cve": "CVE-2019-19065", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1775000" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. The Intel OPA Gen1 driver mishandles resource cleanup. An attacker able to induce low memory condition on the system could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c allows for a DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Low impact because of the preconditions needed to trigger the resource cleanup code path (system-wide out-of-memory condition).", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19065" }, { "category": "external", "summary": "RHBZ#1775000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775000" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19065", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19065" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19065", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19065" } ], "release_date": "2019-11-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module hfi1. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c allows for a DoS" }, { "cve": "CVE-2019-19067", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1774968" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel. The acp_hw_init function fails to cleanup resources properly. A local attacker can induce an error condition to crash the system. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c allow for a DoS", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Low impact because of the preconditions needed to trigger the error/resource cleanup code path.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19067" }, { "category": "external", "summary": "RHBZ#1774968", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774968" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19067", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19067" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19067", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19067" } ], "release_date": "2019-11-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c allow for a DoS" }, { "cve": "CVE-2019-19073", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1774937" } ], "notes": [ { "category": "description", "text": "Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credits() function, the htc_setup_complete() function, and the htc_connect_service() function, aka CID-853acf7caf10.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19073" }, { "category": "external", "summary": "RHBZ#1774937", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774937" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19073", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19073" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19073", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19073" } ], "release_date": "2019-11-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS)" }, { "cve": "CVE-2019-19074", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2019-11-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1774933" } ], "notes": [ { "category": "description", "text": "A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: a memory leak in the ath9k management function in allows local DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19074" }, { "category": "external", "summary": "RHBZ#1774933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774933" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19074", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19074" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19074", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19074" } ], "release_date": "2019-11-21T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: a memory leak in the ath9k management function in allows local DoS" }, { "cve": "CVE-2019-19077", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-11-22T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1775724" } ], "notes": [ { "category": "description", "text": "A memory leak flaw was found in the Broadcom NetXtreme HCA driver in the Linux kernel, in the way it handled resource cleanup on the copy to userspace error. This flaw allows a local attacker to trigger this error and crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: memory leak in bnxt_re_create_srq function in drivers/infiniband/hw/bnxt_re/ib_verbs.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Moderate impact because local attacker is needed in order to trigger it.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19077" }, { "category": "external", "summary": "RHBZ#1775724", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775724" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19077", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19077" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19077", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19077" } ], "release_date": "2019-09-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module bnxt_re. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: memory leak in bnxt_re_create_srq function in drivers/infiniband/hw/bnxt_re/ib_verbs.c" }, { "cve": "CVE-2019-19532", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2019-12-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1781821" } ], "notes": [ { "category": "description", "text": "An out-of-bounds write flaw was found in the Linux kernel\u2019s HID drivers. An attacker, able to plug in a malicious USB device, can crash the system or read and write to memory with an incorrect address.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: malicious USB devices can lead to multiple out-of-bounds write", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue was rated as having Moderate impact because of the need of physical access to trigger it.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19532" }, { "category": "external", "summary": "RHBZ#1781821", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781821" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19532", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19532" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19532", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19532" } ], "release_date": "2019-12-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: malicious USB devices can lead to multiple out-of-bounds write" }, { "cve": "CVE-2019-19534", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-12-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1783540" } ], "notes": [ { "category": "description", "text": "An information-leak flaw was found in the Linux kernel\u0027s pcan USB driver. When a device using this driver connects to the system, the stack information is leaked to the CAN bus, a controller area network for automobiles. The highest threat with this vulnerability is breach of data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19534" }, { "category": "external", "summary": "RHBZ#1783540", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783540" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19534", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19534" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19534", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19534" } ], "release_date": "2019-11-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "As the devices module will be auto-loaded when the USB CAN bus adapter is connected, its can be disabled by preventing the module from loading with the following instructions:\n\n# echo \"install peak_usb /bin/true\" \u003e\u003e /etc/modprobe.d/disable-peak-usb-canbus.conf \n \nThe system will need to be restarted if the peak_usb module is already loaded. In most circumstances, the kernel modules will be unable to be unloaded while any CAN bus interfaces are active and the protocol is in use. If the system requires this module to work correctly, this mitigation may not be suitable. If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: information leak bug caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver" }, { "cve": "CVE-2019-19768", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-12-23T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1786164" } ], "notes": [ { "category": "description", "text": "A use-after-free vulnerability was found in the Linux kernel\u2019s implementation of blktrace in the __blk_add_trace function. A local attacker with permissions to run block trace instructions against a device can create a situation where the core block_trace object is used after it is freed. The attacker can pre-groom memory to race this use-after-free to create a condition where the memory is corrupted and cause privilege escalation.\r\n\r\nThe ability to create this condition requires elevated privileges, and it has been decided that this change in Red Hat Enterprise Linux 5 and 6 would risk introducing possible regressions and will not be backported.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19768" }, { "category": "external", "summary": "RHBZ#1786164", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1786164" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19768", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19768" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19768", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19768" } ], "release_date": "2019-11-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c" }, { "cve": "CVE-2019-19922", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-01-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1792512" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u2019s scheduler, where it can allow attackers to cause a denial of service against non-CPU-bound applications by generating a workload that triggers unwanted scheduling slice expiration. A local attacker who can trigger a specific workload type could abuse this technique to trigger a system to be seen as degraded, and possibly trigger workload-rebalance in systems that use the slice-expiration metric as a measure of system health.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-19922" }, { "category": "external", "summary": "RHBZ#1792512", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1792512" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-19922", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19922" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19922", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19922" } ], "release_date": "2019-12-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: when cpu.cfs_quota_us is used allows attackers to cause a denial of service against non-cpu-bound applications" }, { "acknowledgments": [ { "names": [ "Xiumei Mu" ], "organization": "Red Hat QE Engineering", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2020-1749", "cwe": { "id": "CWE-319", "name": "Cleartext Transmission of Sensitive Information" }, "discovery_date": "2020-03-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1809833" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn\u0027t correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: some ipv6 protocols not encrypted over ipsec tunnel", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-1749" }, { "category": "external", "summary": "RHBZ#1809833", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1809833" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-1749", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1749" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-1749", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1749" } ], "release_date": "2020-03-04T01:29:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "Disabling the IPV6 protocol may be a suitable workaround for systems that do not require the protocol to function correctly, however, if IPV6 is not in use this flaw will not be triggered.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: some ipv6 protocols not encrypted over ipsec tunnel" }, { "cve": "CVE-2020-7053", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2020-01-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1795624" } ], "notes": [ { "category": "description", "text": "A use-after-free flaw was found in the Linux kernel\u2019s GPU driver functionality when destroying GEM context. A local user could use this flaw to crash the system or potentially escalate their privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c", "title": "Vulnerability summary" }, { "category": "other", "text": "The impact of this issue is Moderate, because attack is specific for certain Intel hardware and could be triggered only by local user with write access to the device.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-7053" }, { "category": "external", "summary": "RHBZ#1795624", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1795624" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7053", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7053" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7053", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7053" } ], "release_date": "2020-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "In case of dedicated graphic card presence and i915 GPU is not being used, you can prevent module i915 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c" }, { "cve": "CVE-2020-10690", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-11-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1817141" } ], "notes": [ { "category": "description", "text": "There is a use-after-free problem seen due to a race condition between the release of ptp_clock and cdev while resource deallocation. When a (high privileged) process allocates a ptp device file (like /dev/ptpX) and voluntarily goes to sleep. During this time if the underlying device is removed, it can cause an exploitable condition as the process wakes up to terminate and clean all attached files. The system crashes due to the cdev structure being invalid (as already freed) which is pointed to by the inode.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in cdev_put() when a PTP device is removed while it\u0027s chardev is open", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Low impact as there is a need for high privilege access to trigger this problem. This will need an access to /dev/ptpX which is privileged operation, also removing the module is needed (again, privileged operation).", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-10690" }, { "category": "external", "summary": "RHBZ#1817141", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817141" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10690", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10690" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10690", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10690" } ], "release_date": "2019-11-25T12:53:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: use-after-free in cdev_put() when a PTP device is removed while it\u0027s chardev is open" }, { "cve": "CVE-2021-33630", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2024-01-30T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2261974" } ], "notes": [ { "category": "description", "text": "A NULL pointer dereference flaw was found in the Linux kernel\u0027s network scheduler. This issue occurs when offloading is enabled, the cbs instance is not added to the list. The code also incorrectly handles the case when offload is disabled without removing the qdisc. This could allow a local user to cause a denial of service condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: net/sched: cbs NULL pointer dereference when offloading is enabled", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-33630" }, { "category": "external", "summary": "RHBZ#2261974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261974" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-33630", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33630" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-33630", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-33630" }, { "category": "external", "summary": "https://seclists.org/oss-sec/2024/q1/65", "url": "https://seclists.org/oss-sec/2024/q1/65" } ], "release_date": "2024-01-18T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-04-28T15:41:38+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1567" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "NFV-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "NFV-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.src", "RT-8.2.0.GA:kernel-rt-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-core-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-devel-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-kvm-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-0:4.18.0-193.rt13.51.el8.x86_64", "RT-8.2.0.GA:kernel-rt-modules-extra-0:4.18.0-193.rt13.51.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: net/sched: cbs NULL pointer dereference when offloading is enabled" } ] }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.