ID CVE-2019-9456
Summary In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
References
Vulnerable Configurations
  • cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 14-10-2022 - 01:39)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
  Vector LOCAL
  Complexity LOW
  Authentication NONE
Impact
  Confidentiality PARTIAL
  Integrity PARTIAL
  Availability PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1712072
    title CVE-2019-11833 kernel: fs/ext4/extents.c leads to information disclosure
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • comment kernel earlier than 0:3.10.0-1062.el7 is currently running
          oval oval:com.redhat.rhsa:tst:20192029033
        • comment kernel earlier than 0:3.10.0-1062.el7 is set to boot up on next boot
          oval oval:com.redhat.rhsa:tst:20192029034
      • OR
        • AND
          • comment bpftool is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029001
          • comment bpftool is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20183083002
        • AND
          • comment kernel is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029003
          • comment kernel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100842002
        • AND
          • comment kernel-abi-whitelists is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029005
          • comment kernel-abi-whitelists is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20131645004
        • AND
          • comment kernel-bootwrapper is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029007
          • comment kernel-bootwrapper is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100842004
        • AND
          • comment kernel-debug is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029009
          • comment kernel-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100842006
        • AND
          • comment kernel-debug-devel is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029011
          • comment kernel-debug-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100842008
        • AND
          • comment kernel-devel is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029013
          • comment kernel-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100842010
        • AND
          • comment kernel-doc is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029015
          • comment kernel-doc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100842012
        • AND
          • comment kernel-headers is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029017
          • comment kernel-headers is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100842016
        • AND
          • comment kernel-kdump is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029019
          • comment kernel-kdump is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100842018
        • AND
          • comment kernel-kdump-devel is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029021
          • comment kernel-kdump-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100842020
        • AND
          • comment kernel-tools is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029023
          • comment kernel-tools is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140678022
        • AND
          • comment kernel-tools-libs is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029025
          • comment kernel-tools-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140678024
        • AND
          • comment kernel-tools-libs-devel is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029027
          • comment kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20140678026
        • AND
          • comment perf is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029029
          • comment perf is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20100842022
        • AND
          • comment python-perf is earlier than 0:3.10.0-1062.el7
            oval oval:com.redhat.rhsa:tst:20192029031
          • comment python-perf is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111530024
    rhsa
    id RHSA-2019:2029
    released 2019-08-06
    severity Important
    title RHSA-2019:2029: kernel security, bug fix, and enhancement update (Important)
  • bugzilla
    id 1717212
    title KVM tracebacks causing significant latency to VM
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • comment kernel-rt earlier than 0:3.10.0-1062.rt56.1022.el7 is currently running
          oval oval:com.redhat.rhsa:tst:20192029033
        • comment kernel-rt earlier than 0:3.10.0-1062.rt56.1022.el7 is set to boot up on next boot
          oval oval:com.redhat.rhsa:tst:20192043022
      • OR
        • AND
          • comment kernel-rt is earlier than 0:3.10.0-1062.rt56.1022.el7
            oval oval:com.redhat.rhsa:tst:20192043001
          • comment kernel-rt is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150727002
        • AND
          • comment kernel-rt-debug is earlier than 0:3.10.0-1062.rt56.1022.el7
            oval oval:com.redhat.rhsa:tst:20192043003
          • comment kernel-rt-debug is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150727004
        • AND
          • comment kernel-rt-debug-devel is earlier than 0:3.10.0-1062.rt56.1022.el7
            oval oval:com.redhat.rhsa:tst:20192043005
          • comment kernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150727006
        • AND
          • comment kernel-rt-debug-kvm is earlier than 0:3.10.0-1062.rt56.1022.el7
            oval oval:com.redhat.rhsa:tst:20192043007
          • comment kernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20160212008
        • AND
          • comment kernel-rt-devel is earlier than 0:3.10.0-1062.rt56.1022.el7
            oval oval:com.redhat.rhsa:tst:20192043009
          • comment kernel-rt-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150727008
        • AND
          • comment kernel-rt-doc is earlier than 0:3.10.0-1062.rt56.1022.el7
            oval oval:com.redhat.rhsa:tst:20192043011
          • comment kernel-rt-doc is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150727010
        • AND
          • comment kernel-rt-kvm is earlier than 0:3.10.0-1062.rt56.1022.el7
            oval oval:com.redhat.rhsa:tst:20192043013
          • comment kernel-rt-kvm is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20160212014
        • AND
          • comment kernel-rt-trace is earlier than 0:3.10.0-1062.rt56.1022.el7
            oval oval:com.redhat.rhsa:tst:20192043015
          • comment kernel-rt-trace is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150727012
        • AND
          • comment kernel-rt-trace-devel is earlier than 0:3.10.0-1062.rt56.1022.el7
            oval oval:com.redhat.rhsa:tst:20192043017
          • comment kernel-rt-trace-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20150727014
        • AND
          • comment kernel-rt-trace-kvm is earlier than 0:3.10.0-1062.rt56.1022.el7
            oval oval:com.redhat.rhsa:tst:20192043019
          • comment kernel-rt-trace-kvm is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20160212020
    rhsa
    id RHSA-2019:2043
    released 2019-08-07
    severity Important
    title RHSA-2019:2043: kernel-rt security and bug fix update (Important)
rpms
  • bpftool-0:3.10.0-1062.el7
  • bpftool-debuginfo-0:3.10.0-1062.el7
  • kernel-0:3.10.0-1062.el7
  • kernel-abi-whitelists-0:3.10.0-1062.el7
  • kernel-bootwrapper-0:3.10.0-1062.el7
  • kernel-debug-0:3.10.0-1062.el7
  • kernel-debug-debuginfo-0:3.10.0-1062.el7
  • kernel-debug-devel-0:3.10.0-1062.el7
  • kernel-debuginfo-0:3.10.0-1062.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-1062.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-1062.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-1062.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-1062.el7
  • kernel-devel-0:3.10.0-1062.el7
  • kernel-doc-0:3.10.0-1062.el7
  • kernel-headers-0:3.10.0-1062.el7
  • kernel-kdump-0:3.10.0-1062.el7
  • kernel-kdump-debuginfo-0:3.10.0-1062.el7
  • kernel-kdump-devel-0:3.10.0-1062.el7
  • kernel-tools-0:3.10.0-1062.el7
  • kernel-tools-debuginfo-0:3.10.0-1062.el7
  • kernel-tools-libs-0:3.10.0-1062.el7
  • kernel-tools-libs-devel-0:3.10.0-1062.el7
  • perf-0:3.10.0-1062.el7
  • perf-debuginfo-0:3.10.0-1062.el7
  • python-perf-0:3.10.0-1062.el7
  • python-perf-debuginfo-0:3.10.0-1062.el7
  • kernel-rt-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7
  • kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7
refmap via4
misc https://source.android.com/security/bulletin/pixel/2019-09-01
suse
  • openSUSE-SU-2019:2173
  • openSUSE-SU-2019:2181
Last major update 14-10-2022 - 01:39
Published 06-09-2019 - 22:15
Last modified 14-10-2022 - 01:39