Vulnerability-Lookup

CVE-2019-19083 (GCVE-0-2019-19083)

Vulnerability from cvelistv5 – Published: 2019-11-18 05:24 – Updated: 2024-08-05 02:09

Summary

Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

8 references

URL	Tags
https://cdn.kernel.org/pub/linux/kernel/v5.x/Chan…	x_refsource_MISC
https://github.com/torvalds/linux/commit/055e5474…	x_refsource_MISC
https://usn.ubuntu.com/4208-1/	vendor-advisoryx_refsource_UBUNTU
https://security.netapp.com/advisory/ntap-2019120…	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://usn.ubuntu.com/4227-1/	vendor-advisoryx_refsource_UBUNTU
https://usn.ubuntu.com/4226-1/	vendor-advisoryx_refsource_UBUNTU
https://usn.ubuntu.com/4227-2/	vendor-advisoryx_refsource_UBUNTU

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:09:38.894Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12"
          },
          {
            "name": "USN-4208-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4208-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20191205-0001/"
          },
          {
            "name": "openSUSE-SU-2019:2675",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
          },
          {
            "name": "USN-4227-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4227-1/"
          },
          {
            "name": "USN-4226-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4226-1/"
          },
          {
            "name": "USN-4227-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4227-2/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-07T22:06:08.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12"
        },
        {
          "name": "USN-4208-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4208-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20191205-0001/"
        },
        {
          "name": "openSUSE-SU-2019:2675",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
        },
        {
          "name": "USN-4227-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4227-1/"
        },
        {
          "name": "USN-4226-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4226-1/"
        },
        {
          "name": "USN-4227-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4227-2/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19083",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8",
              "refsource": "MISC",
              "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12",
              "refsource": "MISC",
              "url": "https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12"
            },
            {
              "name": "USN-4208-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4208-1/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20191205-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20191205-0001/"
            },
            {
              "name": "openSUSE-SU-2019:2675",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html"
            },
            {
              "name": "USN-4227-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4227-1/"
            },
            {
              "name": "USN-4226-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4226-1/"
            },
            {
              "name": "USN-4227-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4227-2/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19083",
    "datePublished": "2019-11-18T05:24:33.000Z",
    "dateReserved": "2019-11-18T00:00:00.000Z",
    "dateUpdated": "2024-08-05T02:09:38.894Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2019-19083",
      "date": "2026-05-21",
      "epss": "0.00035",
      "percentile": "0.10392"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"5.3.8\", \"matchCriteriaId\": \"AEC4B6C4-7934-4B29-A754-F6B88C80CF6E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"815D70A8-47D3-459C-A32C-9FEACA0659D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD783B0C-9246-47D9-A937-6144FE8BFF0F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A31C8344-3E02-4EB8-8BD8-4C84B7959624\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.\"}, {\"lang\": \"es\", \"value\": \"Una p\\u00e9rdida de memoria en las funciones *clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc en el kernel de Linux versiones anteriores a la versi\\u00f3n  5.3.8, permite a atacantes causar una denegaci\\u00f3n de servicio (consumo de memoria). Esto afecta la funci\\u00f3n dce112_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, la funci\\u00f3n dce100_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, la funci\\u00f3n  dcn10_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, la funci\\u00f3n dcn20_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, la funci\\u00f3n dce120_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, la funci\\u00f3n dce110_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, y la funci\\u00f3n dce80_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, tambi\\u00e9n se conoce como CID-055e547478a1.\"}]",
      "id": "CVE-2019-19083",
      "lastModified": "2024-11-21T04:34:09.913",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 4.7, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.0, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:N/I:N/A:C\", \"baseScore\": 4.7, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-11-18T06:15:13.890",
      "references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20191205-0001/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4208-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4226-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4227-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4227-2/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20191205-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4208-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4226-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4227-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4227-2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-401\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-19083\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-11-18T06:15:13.890\",\"lastModified\":\"2024-11-21T04:34:09.913\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the dce100_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the dcn10_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the dcn20_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the dce120_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the dce110_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the dce80_clock_source_create() function in drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.\"},{\"lang\":\"es\",\"value\":\"Una p\u00e9rdida de memoria en las funciones *clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc en el kernel de Linux versiones anteriores a la versi\u00f3n  5.3.8, permite a atacantes causar una denegaci\u00f3n de servicio (consumo de memoria). Esto afecta la funci\u00f3n dce112_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, la funci\u00f3n dce100_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, la funci\u00f3n  dcn10_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, la funci\u00f3n dcn20_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, la funci\u00f3n dce120_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, la funci\u00f3n dce110_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, y la funci\u00f3n dce80_clock_source_create() en el archivo drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, tambi\u00e9n se conoce como CID-055e547478a1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:N/I:N/A:C\",\"baseScore\":4.7,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.3.8\",\"matchCriteriaId\":\"AEC4B6C4-7934-4B29-A754-F6B88C80CF6E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD783B0C-9246-47D9-A937-6144FE8BFF0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A31C8344-3E02-4EB8-8BD8-4C84B7959624\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20191205-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4208-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4226-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4227-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4227-2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20191205-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4208-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4226-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4227-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4227-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

CERTFR-2019-AVI-612

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SUSE	N/A	SUSE Linux Enterprise High Availability 12-SP5
SUSE	SUSE Linux Enterprise Live Patching	SUSE Linux Enterprise Live Patching 12-SP5
SUSE	N/A	SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 12-SP5
SUSE	N/A	SUSE Linux Enterprise Workstation Extension 12-SP5

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE suse-su-20193200-1 du 06 décembre 2019

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise High Availability 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Software Development Kit 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-15916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15916"
    },
    {
      "name": "CVE-2019-19082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19082"
    },
    {
      "name": "CVE-2019-16995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16995"
    },
    {
      "name": "CVE-2019-18809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18809"
    },
    {
      "name": "CVE-2019-14821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14821"
    },
    {
      "name": "CVE-2019-19227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19227"
    },
    {
      "name": "CVE-2019-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0155"
    },
    {
      "name": "CVE-2019-15030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15030"
    },
    {
      "name": "CVE-2019-19073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19073"
    },
    {
      "name": "CVE-2019-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0154"
    },
    {
      "name": "CVE-2019-19060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19060"
    },
    {
      "name": "CVE-2019-16231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16231"
    },
    {
      "name": "CVE-2019-19062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19062"
    },
    {
      "name": "CVE-2019-18683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18683"
    },
    {
      "name": "CVE-2019-19063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19063"
    },
    {
      "name": "CVE-2019-19078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19078"
    },
    {
      "name": "CVE-2019-11135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11135"
    },
    {
      "name": "CVE-2019-19046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19046"
    },
    {
      "name": "CVE-2019-18805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18805"
    },
    {
      "name": "CVE-2019-19083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19083"
    },
    {
      "name": "CVE-2019-19052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19052"
    },
    {
      "name": "CVE-2019-17666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17666"
    },
    {
      "name": "CVE-2019-19049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19049"
    },
    {
      "name": "CVE-2019-19067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19067"
    },
    {
      "name": "CVE-2019-19080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19080"
    },
    {
      "name": "CVE-2019-19057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19057"
    },
    {
      "name": "CVE-2019-17056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17056"
    },
    {
      "name": "CVE-2019-14835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14835"
    },
    {
      "name": "CVE-2019-15031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15031"
    },
    {
      "name": "CVE-2019-19056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19056"
    },
    {
      "name": "CVE-2019-19058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19058"
    },
    {
      "name": "CVE-2019-19075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19075"
    },
    {
      "name": "CVE-2019-10220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10220"
    },
    {
      "name": "CVE-2019-19068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19068"
    },
    {
      "name": "CVE-2019-19081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19081"
    },
    {
      "name": "CVE-2019-16233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16233"
    },
    {
      "name": "CVE-2017-18595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18595"
    },
    {
      "name": "CVE-2019-17055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17055"
    },
    {
      "name": "CVE-2019-19065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19065"
    },
    {
      "name": "CVE-2019-9506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9506"
    },
    {
      "name": "CVE-2019-18660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18660"
    },
    {
      "name": "CVE-2019-19074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19074"
    },
    {
      "name": "CVE-2019-9456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9456"
    },
    {
      "name": "CVE-2019-14895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14895"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-612",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-12-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20193200-1 du 06 d\u00e9cembre 2019",
      "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193200-1/"
    }
  ]
}

CERTFR-2019-AVI-639

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SUSE	N/A	SUSE Linux Enterprise Module for Legacy Software 15-SP1
SUSE	N/A	SUSE Linux Enterprise Module for Development Tools 15-SP1
SUSE	N/A	SUSE Linux Enterprise Module for Live Patching 15-SP1
SUSE	N/A	SUSE Linux Enterprise Workstation Extension 15-SP1
SUSE	N/A	SUSE Linux Enterprise Module for Basesystem 15-SP1
SUSE	N/A	SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 12-SP4
SUSE	N/A	SUSE Linux Enterprise High Availability 15-SP1

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE suse-su-20193317-1 du 17 décembre 2019	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20193316-1 du 17 décembre 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise Module for Legacy Software 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Development Tools 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Basesystem 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-15916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15916"
    },
    {
      "name": "CVE-2019-19082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19082"
    },
    {
      "name": "CVE-2019-19533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19533"
    },
    {
      "name": "CVE-2019-19529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19529"
    },
    {
      "name": "CVE-2019-18809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18809"
    },
    {
      "name": "CVE-2019-19227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19227"
    },
    {
      "name": "CVE-2019-19524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19524"
    },
    {
      "name": "CVE-2019-19073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19073"
    },
    {
      "name": "CVE-2019-19543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19543"
    },
    {
      "name": "CVE-2019-19526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19526"
    },
    {
      "name": "CVE-2019-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0154"
    },
    {
      "name": "CVE-2019-19060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19060"
    },
    {
      "name": "CVE-2019-14901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14901"
    },
    {
      "name": "CVE-2019-19527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19527"
    },
    {
      "name": "CVE-2019-19332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19332"
    },
    {
      "name": "CVE-2019-16231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16231"
    },
    {
      "name": "CVE-2019-19536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19536"
    },
    {
      "name": "CVE-2019-19062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19062"
    },
    {
      "name": "CVE-2019-18683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18683"
    },
    {
      "name": "CVE-2019-15213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15213"
    },
    {
      "name": "CVE-2019-19063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19063"
    },
    {
      "name": "CVE-2019-19078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19078"
    },
    {
      "name": "CVE-2019-19532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19532"
    },
    {
      "name": "CVE-2019-19046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19046"
    },
    {
      "name": "CVE-2019-19338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19338"
    },
    {
      "name": "CVE-2019-19523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19523"
    },
    {
      "name": "CVE-2019-18805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18805"
    },
    {
      "name": "CVE-2019-19083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19083"
    },
    {
      "name": "CVE-2019-19052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19052"
    },
    {
      "name": "CVE-2019-19049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19049"
    },
    {
      "name": "CVE-2019-19077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19077"
    },
    {
      "name": "CVE-2019-19067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19067"
    },
    {
      "name": "CVE-2019-19080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19080"
    },
    {
      "name": "CVE-2019-19057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19057"
    },
    {
      "name": "CVE-2019-19528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19528"
    },
    {
      "name": "CVE-2019-19056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19056"
    },
    {
      "name": "CVE-2019-19058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19058"
    },
    {
      "name": "CVE-2019-19525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19525"
    },
    {
      "name": "CVE-2019-19075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19075"
    },
    {
      "name": "CVE-2019-19534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19534"
    },
    {
      "name": "CVE-2019-19537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19537"
    },
    {
      "name": "CVE-2019-19051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19051"
    },
    {
      "name": "CVE-2019-19530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19530"
    },
    {
      "name": "CVE-2019-19068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19068"
    },
    {
      "name": "CVE-2019-19081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19081"
    },
    {
      "name": "CVE-2019-17055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17055"
    },
    {
      "name": "CVE-2019-19065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19065"
    },
    {
      "name": "CVE-2019-18660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18660"
    },
    {
      "name": "CVE-2019-19074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19074"
    },
    {
      "name": "CVE-2019-14895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14895"
    },
    {
      "name": "CVE-2019-19531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19531"
    },
    {
      "name": "CVE-2019-19535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19535"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-639",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-12-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20193317-1 du 17 d\u00e9cembre 2019",
      "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193317-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20193316-1 du 17 d\u00e9cembre 2019",
      "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193316-1/"
    }
  ]
}

CERTFR-2019-AVI-652

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SUSE	SUSE Linux Enterprise Desktop	SUSE Linux Enterprise Desktop 12-SP4
SUSE	N/A	SUSE Linux Enterprise Software Development Kit 12-SP4
SUSE	N/A	SUSE Linux Enterprise Workstation Extension 12-SP4
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 12-SP4
SUSE	N/A	SUSE Linux Enterprise Module for Public Cloud 15-SP1
SUSE	N/A	SUSE Linux Enterprise High Availability 12-SP4
SUSE	SUSE Linux Enterprise Live Patching	SUSE Linux Enterprise Live Patching 12-SP4

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE SUSE-SU-2019:3371-1 du 19 décembre 2019	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2019:3372-1 du 19 décembre 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise Desktop 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Desktop",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Software Development Kit 12-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 12-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Public Cloud 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 12-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-15916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15916"
    },
    {
      "name": "CVE-2019-19082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19082"
    },
    {
      "name": "CVE-2019-19529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19529"
    },
    {
      "name": "CVE-2019-18809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18809"
    },
    {
      "name": "CVE-2019-19227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19227"
    },
    {
      "name": "CVE-2019-19524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19524"
    },
    {
      "name": "CVE-2019-19073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19073"
    },
    {
      "name": "CVE-2019-19543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19543"
    },
    {
      "name": "CVE-2019-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0154"
    },
    {
      "name": "CVE-2019-19060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19060"
    },
    {
      "name": "CVE-2019-14901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14901"
    },
    {
      "name": "CVE-2019-16231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16231"
    },
    {
      "name": "CVE-2019-19536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19536"
    },
    {
      "name": "CVE-2019-19062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19062"
    },
    {
      "name": "CVE-2019-18683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18683"
    },
    {
      "name": "CVE-2019-15213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15213"
    },
    {
      "name": "CVE-2019-19063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19063"
    },
    {
      "name": "CVE-2019-19078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19078"
    },
    {
      "name": "CVE-2019-19046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19046"
    },
    {
      "name": "CVE-2019-18805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18805"
    },
    {
      "name": "CVE-2019-19083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19083"
    },
    {
      "name": "CVE-2019-19052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19052"
    },
    {
      "name": "CVE-2019-19049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19049"
    },
    {
      "name": "CVE-2019-19077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19077"
    },
    {
      "name": "CVE-2019-19067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19067"
    },
    {
      "name": "CVE-2019-19080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19080"
    },
    {
      "name": "CVE-2019-19057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19057"
    },
    {
      "name": "CVE-2019-19528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19528"
    },
    {
      "name": "CVE-2019-19056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19056"
    },
    {
      "name": "CVE-2019-19058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19058"
    },
    {
      "name": "CVE-2019-19525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19525"
    },
    {
      "name": "CVE-2019-19075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19075"
    },
    {
      "name": "CVE-2019-19534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19534"
    },
    {
      "name": "CVE-2019-19530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19530"
    },
    {
      "name": "CVE-2019-19068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19068"
    },
    {
      "name": "CVE-2019-19081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19081"
    },
    {
      "name": "CVE-2019-17055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17055"
    },
    {
      "name": "CVE-2019-19065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19065"
    },
    {
      "name": "CVE-2019-18660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18660"
    },
    {
      "name": "CVE-2019-19074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19074"
    },
    {
      "name": "CVE-2019-14895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14895"
    },
    {
      "name": "CVE-2019-19531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19531"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-652",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-12-20T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:3371-1 du 19 d\u00e9cembre 2019",
      "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193371-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2019:3372-1 du 19 d\u00e9cembre 2019",
      "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193372-1/"
    }
  ]
}

CERTFR-2020-AVI-005

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-4226-1 du 07 janvier 2020	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-4227-1 du 07 janvier 2020	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-4228-1 du 07 janvier 2020	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-4225-1 du 07 janvier 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-19529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19529"
    },
    {
      "name": "CVE-2019-19524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19524"
    },
    {
      "name": "CVE-2019-2214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-2214"
    },
    {
      "name": "CVE-2019-19047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19047"
    },
    {
      "name": "CVE-2019-19526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19526"
    },
    {
      "name": "CVE-2019-19060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19060"
    },
    {
      "name": "CVE-2019-14901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14901"
    },
    {
      "name": "CVE-2019-19072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19072"
    },
    {
      "name": "CVE-2019-16231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16231"
    },
    {
      "name": "CVE-2019-19044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19044"
    },
    {
      "name": "CVE-2019-14896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14896"
    },
    {
      "name": "CVE-2019-19532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19532"
    },
    {
      "name": "CVE-2019-19922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19922"
    },
    {
      "name": "CVE-2019-19807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19807"
    },
    {
      "name": "CVE-2019-18813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18813"
    },
    {
      "name": "CVE-2019-19083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19083"
    },
    {
      "name": "CVE-2019-19055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19055"
    },
    {
      "name": "CVE-2019-19052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19052"
    },
    {
      "name": "CVE-2019-19045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19045"
    },
    {
      "name": "CVE-2019-19067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19067"
    },
    {
      "name": "CVE-2019-19048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19048"
    },
    {
      "name": "CVE-2019-19075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19075"
    },
    {
      "name": "CVE-2019-17133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17133"
    },
    {
      "name": "CVE-2019-10220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10220"
    },
    {
      "name": "CVE-2019-19534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19534"
    },
    {
      "name": "CVE-2019-19051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19051"
    },
    {
      "name": "CVE-2019-16233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16233"
    },
    {
      "name": "CVE-2019-19065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19065"
    },
    {
      "name": "CVE-2019-18660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18660"
    },
    {
      "name": "CVE-2019-17075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17075"
    },
    {
      "name": "CVE-2019-14895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14895"
    },
    {
      "name": "CVE-2019-14897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14897"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-005",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-07T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4226-1 du 07 janvier 2020",
      "url": "https://usn.ubuntu.com/4226-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4227-1 du 07 janvier 2020",
      "url": "https://usn.ubuntu.com/4227-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4228-1 du 07 janvier 2020",
      "url": "https://usn.ubuntu.com/4228-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4225-1 du 07 janvier 2020",
      "url": "https://usn.ubuntu.com/4225-1/"
    }
  ]
}

CERTFR-2020-AVI-013

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Ubuntu	Ubuntu	Ubuntu 14.04 ESM

References

Title

Publication Time

Tags

Bulletin de sécurité Ubuntu USN-4228-2 du 07 janvier 2020	None	vendor-advisory
Bulletin de sécurité Ubuntu USN-4227-2 du 07 janvier 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Ubuntu 14.04 ESM",
      "product": {
        "name": "Ubuntu",
        "vendor": {
          "name": "Ubuntu",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-19529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19529"
    },
    {
      "name": "CVE-2019-19524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19524"
    },
    {
      "name": "CVE-2019-14901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14901"
    },
    {
      "name": "CVE-2019-16231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16231"
    },
    {
      "name": "CVE-2019-14896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14896"
    },
    {
      "name": "CVE-2019-19807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19807"
    },
    {
      "name": "CVE-2019-19083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19083"
    },
    {
      "name": "CVE-2019-19052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19052"
    },
    {
      "name": "CVE-2019-19045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19045"
    },
    {
      "name": "CVE-2019-19534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19534"
    },
    {
      "name": "CVE-2019-16233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16233"
    },
    {
      "name": "CVE-2019-18660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18660"
    },
    {
      "name": "CVE-2019-14895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14895"
    },
    {
      "name": "CVE-2019-14897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14897"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-013",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de\ncode arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4228-2 du 07 janvier 2020",
      "url": "https://usn.ubuntu.com/4228-2/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-4227-2 du 07 janvier 2020",
      "url": "https://usn.ubuntu.com/4227-2/"
    }
  ]
}

CERTFR-2020-AVI-029

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 12-SP5

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE suse-su-20200093-1 du 14 janvier 2020

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise Server 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-15916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15916"
    },
    {
      "name": "CVE-2019-19082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19082"
    },
    {
      "name": "CVE-2019-16995",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16995"
    },
    {
      "name": "CVE-2019-19533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19533"
    },
    {
      "name": "CVE-2019-19529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19529"
    },
    {
      "name": "CVE-2019-18809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18809"
    },
    {
      "name": "CVE-2019-14821",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14821"
    },
    {
      "name": "CVE-2019-19966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19966"
    },
    {
      "name": "CVE-2019-19227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19227"
    },
    {
      "name": "CVE-2019-0155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0155"
    },
    {
      "name": "CVE-2019-19524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19524"
    },
    {
      "name": "CVE-2019-15030",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15030"
    },
    {
      "name": "CVE-2019-19073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19073"
    },
    {
      "name": "CVE-2019-19543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19543"
    },
    {
      "name": "CVE-2019-19526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19526"
    },
    {
      "name": "CVE-2019-0154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0154"
    },
    {
      "name": "CVE-2019-19060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19060"
    },
    {
      "name": "CVE-2019-14901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14901"
    },
    {
      "name": "CVE-2019-19527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19527"
    },
    {
      "name": "CVE-2019-19332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19332"
    },
    {
      "name": "CVE-2019-16231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16231"
    },
    {
      "name": "CVE-2019-16234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16234"
    },
    {
      "name": "CVE-2019-19319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19319"
    },
    {
      "name": "CVE-2019-19536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19536"
    },
    {
      "name": "CVE-2019-19062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19062"
    },
    {
      "name": "CVE-2019-18683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18683"
    },
    {
      "name": "CVE-2019-15213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15213"
    },
    {
      "name": "CVE-2019-19063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19063"
    },
    {
      "name": "CVE-2019-19767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19767"
    },
    {
      "name": "CVE-2019-19078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19078"
    },
    {
      "name": "CVE-2019-19532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19532"
    },
    {
      "name": "CVE-2019-11135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-11135"
    },
    {
      "name": "CVE-2019-19046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19046"
    },
    {
      "name": "CVE-2019-16232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16232"
    },
    {
      "name": "CVE-2019-19338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19338"
    },
    {
      "name": "CVE-2019-19523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19523"
    },
    {
      "name": "CVE-2019-18805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18805"
    },
    {
      "name": "CVE-2019-19083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19083"
    },
    {
      "name": "CVE-2019-19052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19052"
    },
    {
      "name": "CVE-2019-17666",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17666"
    },
    {
      "name": "CVE-2019-16746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16746"
    },
    {
      "name": "CVE-2019-19049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19049"
    },
    {
      "name": "CVE-2019-19077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19077"
    },
    {
      "name": "CVE-2019-19067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19067"
    },
    {
      "name": "CVE-2019-19080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19080"
    },
    {
      "name": "CVE-2019-19057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19057"
    },
    {
      "name": "CVE-2019-18808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18808"
    },
    {
      "name": "CVE-2019-17056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17056"
    },
    {
      "name": "CVE-2019-19528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19528"
    },
    {
      "name": "CVE-2019-14835",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14835"
    },
    {
      "name": "CVE-2019-15031",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15031"
    },
    {
      "name": "CVE-2019-19056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19056"
    },
    {
      "name": "CVE-2019-19058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19058"
    },
    {
      "name": "CVE-2018-12207",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12207"
    },
    {
      "name": "CVE-2019-19525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19525"
    },
    {
      "name": "CVE-2019-19075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19075"
    },
    {
      "name": "CVE-2019-17133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17133"
    },
    {
      "name": "CVE-2019-10220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10220"
    },
    {
      "name": "CVE-2019-19534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19534"
    },
    {
      "name": "CVE-2019-19537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19537"
    },
    {
      "name": "CVE-2019-20054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20054"
    },
    {
      "name": "CVE-2019-19051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19051"
    },
    {
      "name": "CVE-2019-19530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19530"
    },
    {
      "name": "CVE-2019-19068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19068"
    },
    {
      "name": "CVE-2019-19081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19081"
    },
    {
      "name": "CVE-2019-19066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19066"
    },
    {
      "name": "CVE-2019-16233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16233"
    },
    {
      "name": "CVE-2019-19447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19447"
    },
    {
      "name": "CVE-2017-18595",
      "url": "https://www.cve.org/CVERecord?id=CVE-2017-18595"
    },
    {
      "name": "CVE-2019-20095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20095"
    },
    {
      "name": "CVE-2019-17055",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-17055"
    },
    {
      "name": "CVE-2019-19065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19065"
    },
    {
      "name": "CVE-2019-9506",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9506"
    },
    {
      "name": "CVE-2019-20096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20096"
    },
    {
      "name": "CVE-2019-18660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18660"
    },
    {
      "name": "CVE-2019-19074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19074"
    },
    {
      "name": "CVE-2019-9456",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-9456"
    },
    {
      "name": "CVE-2019-14895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14895"
    },
    {
      "name": "CVE-2019-19531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19531"
    },
    {
      "name": "CVE-2019-19535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19535"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-029",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-01-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200093-1 du 14 janvier 2020",
      "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200093-1/"
    }
  ]
}

CERTFR-2020-AVI-148

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SUSE	N/A	SUSE Linux Enterprise Module for Realtime 15-SP1
SUSE	SUSE Linux Enterprise Real Time	SUSE Linux Enterprise Real Time Extension 12-SP4
SUSE	SUSE Linux Enterprise Real Time	SUSE Linux Enterprise Real Time Extension 12-SP5
SUSE	N/A	SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE suse-su-20200649-1 du 12 mars 2020	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20200667-1 du 13 mars 2020	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20200605-1 du 06 mars 2020	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20200613-1 du 09 mars 2020	None	vendor-advisory
Bulletin de sécurité SUSE suse-su-20200649-1 du 13 mars 2020	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SUSE Linux Enterprise Module for Realtime 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time Extension 12-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time Extension 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-19082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19082"
    },
    {
      "name": "CVE-2019-19533",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19533"
    },
    {
      "name": "CVE-2019-19529",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19529"
    },
    {
      "name": "CVE-2019-18809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18809"
    },
    {
      "name": "CVE-2019-19036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19036"
    },
    {
      "name": "CVE-2019-19966",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19966"
    },
    {
      "name": "CVE-2019-19227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19227"
    },
    {
      "name": "CVE-2019-19524",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19524"
    },
    {
      "name": "CVE-2020-8992",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8992"
    },
    {
      "name": "CVE-2019-19073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19073"
    },
    {
      "name": "CVE-2019-19543",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19543"
    },
    {
      "name": "CVE-2019-19526",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19526"
    },
    {
      "name": "CVE-2019-19927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19927"
    },
    {
      "name": "CVE-2019-19060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19060"
    },
    {
      "name": "CVE-2019-14901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14901"
    },
    {
      "name": "CVE-2019-19527",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19527"
    },
    {
      "name": "CVE-2019-19332",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19332"
    },
    {
      "name": "CVE-2019-14896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14896"
    },
    {
      "name": "CVE-2019-19319",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19319"
    },
    {
      "name": "CVE-2019-19536",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19536"
    },
    {
      "name": "CVE-2019-19062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19062"
    },
    {
      "name": "CVE-2019-18683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18683"
    },
    {
      "name": "CVE-2019-15213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-15213"
    },
    {
      "name": "CVE-2019-19063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19063"
    },
    {
      "name": "CVE-2019-19767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19767"
    },
    {
      "name": "CVE-2019-19078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19078"
    },
    {
      "name": "CVE-2019-19532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19532"
    },
    {
      "name": "CVE-2019-19046",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19046"
    },
    {
      "name": "CVE-2019-19338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19338"
    },
    {
      "name": "CVE-2020-8648",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
    },
    {
      "name": "CVE-2019-19523",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19523"
    },
    {
      "name": "CVE-2020-8428",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-8428"
    },
    {
      "name": "CVE-2019-19083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19083"
    },
    {
      "name": "CVE-2019-19052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19052"
    },
    {
      "name": "CVE-2019-19045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19045"
    },
    {
      "name": "CVE-2019-16746",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16746"
    },
    {
      "name": "CVE-2019-19049",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19049"
    },
    {
      "name": "CVE-2019-19077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19077"
    },
    {
      "name": "CVE-2019-19067",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19067"
    },
    {
      "name": "CVE-2019-19080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19080"
    },
    {
      "name": "CVE-2020-2732",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-2732"
    },
    {
      "name": "CVE-2019-19057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19057"
    },
    {
      "name": "CVE-2019-18808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18808"
    },
    {
      "name": "CVE-2019-19528",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19528"
    },
    {
      "name": "CVE-2019-19056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19056"
    },
    {
      "name": "CVE-2019-19058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19058"
    },
    {
      "name": "CVE-2019-19318",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19318"
    },
    {
      "name": "CVE-2019-19525",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19525"
    },
    {
      "name": "CVE-2019-19075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19075"
    },
    {
      "name": "CVE-2019-19534",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19534"
    },
    {
      "name": "CVE-2019-19537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19537"
    },
    {
      "name": "CVE-2019-20054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20054"
    },
    {
      "name": "CVE-2019-19051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19051"
    },
    {
      "name": "CVE-2019-19530",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19530"
    },
    {
      "name": "CVE-2019-14615",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14615"
    },
    {
      "name": "CVE-2019-19068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19068"
    },
    {
      "name": "CVE-2019-19081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19081"
    },
    {
      "name": "CVE-2019-19066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19066"
    },
    {
      "name": "CVE-2020-7053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-7053"
    },
    {
      "name": "CVE-2019-19054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19054"
    },
    {
      "name": "CVE-2019-16994",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-16994"
    },
    {
      "name": "CVE-2019-19447",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19447"
    },
    {
      "name": "CVE-2019-20095",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20095"
    },
    {
      "name": "CVE-2019-19065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19065"
    },
    {
      "name": "CVE-2019-20096",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-20096"
    },
    {
      "name": "CVE-2019-18660",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18660"
    },
    {
      "name": "CVE-2019-19074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19074"
    },
    {
      "name": "CVE-2019-14895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14895"
    },
    {
      "name": "CVE-2019-14897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-14897"
    },
    {
      "name": "CVE-2019-19965",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19965"
    },
    {
      "name": "CVE-2019-19531",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19531"
    },
    {
      "name": "CVE-2019-19535",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19535"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200649-1 du 13 mars 2020",
      "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200667-1/"
    }
  ],
  "reference": "CERTFR-2020-AVI-148",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-03-12T00:00:00.000000"
    },
    {
      "description": "Ajout du bulletin de deux bulletins de s\u00e9curit\u00e9",
      "revision_date": "2020-03-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200649-1 du 12 mars 2020",
      "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200649-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200667-1 du 13 mars 2020",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200605-1 du 06 mars 2020",
      "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200605-1/"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20200613-1 du 09 mars 2020",
      "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200613-1/"
    }
  ]
}

CERTFR-2023-AVI-0066

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SUSE	openSUSE Leap	openSUSE Leap 15.4
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS
SUSE	SUSE Manager Proxy	SUSE Manager Proxy 4.3
SUSE	N/A	SUSE Linux Enterprise High Availability 12-SP5
SUSE	N/A	SUSE Linux Enterprise Workstation Extension 15-SP4
SUSE	N/A	SUSE Linux Enterprise Software Development Kit 12-SP5
SUSE	N/A	SUSE Linux Enterprise Module for Public Cloud 15-SP4
SUSE	N/A	SUSE Linux Enterprise Module for Development Tools 15-SP4
SUSE	N/A	SUSE Linux Enterprise Module for Live Patching 15-SP4
SUSE	N/A	SUSE Linux Enterprise High Availability 15-SP4
SUSE	N/A	SUSE Enterprise Storage 7.1
SUSE	N/A	SUSE Linux Enterprise Module for Realtime 15-SP4
SUSE	N/A	SUSE Linux Enterprise High Availability 15-SP3
SUSE	N/A	SUSE Linux Enterprise Module for Legacy Software 15-SP4
SUSE	N/A	SUSE Linux Enterprise Module for Realtime 15-SP3
SUSE	N/A	SUSE Linux Enterprise Module for Live Patching 15-SP3
SUSE	N/A	SUSE Linux Enterprise Realtime Extension 15-SP3
SUSE	N/A	SUSE Linux Enterprise Module for Basesystem 15-SP4
SUSE	N/A	SUSE Linux Enterprise Workstation Extension 12-SP5
SUSE	openSUSE Leap	openSUSE Leap Micro 5.3
SUSE	openSUSE Leap	openSUSE Leap Micro 5.2
SUSE	SUSE Linux Enterprise Desktop	SUSE Linux Enterprise Desktop 12-SP5
SUSE	SUSE Linux Enterprise Desktop	SUSE Linux Enterprise Desktop 15-SP4
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS
SUSE	SUSE Linux Enterprise High Performance Computing	SUSE Linux Enterprise High Performance Computing 12-SP5
SUSE	SUSE Linux Enterprise Live Patching	SUSE Linux Enterprise Live Patching 12-SP5
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro 5.1
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro 5.2
SUSE	SUSE Linux Enterprise Micro	SUSE Linux Enterprise Micro 5.3
SUSE	SUSE Linux Enterprise Real Time	SUSE Linux Enterprise Real Time 15-SP3
SUSE	SUSE Linux Enterprise Real Time	SUSE Linux Enterprise Real Time 15-SP4
SUSE	SUSE Linux Enterprise Real Time	SUSE Linux Enterprise Real Time Extension 12-SP5
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15-SP3
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP Applications 12-SP5
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15-SP4
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 12-SP5
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP 15-SP3
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server 15-SP3-LTSS
SUSE	SUSE Linux Enterprise Server	SUSE Linux Enterprise Server for SAP Applications
SUSE	SUSE Manager Proxy	SUSE Manager Proxy 4.2
SUSE	SUSE Manager Retail Branch Server	SUSE Manager Retail Branch Server 4.2
SUSE	SUSE Manager Retail Branch Server	SUSE Manager Retail Branch Server 4.3
SUSE	SUSE Manager Server	SUSE Manager Server 4.3
SUSE	SUSE Manager Server	SUSE Manager Server 4.2

References

Title

Publication Time

Tags

Bulletin de sécurité SUSE SUSE-SU-2023:0148-1 du 26 janvier 2023	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2023:0145-1 du 25 janvier 2023	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2023:0146-1 du 26 janvier 2023	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2023:0149-1 du 26 janvier 2023	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2023:0147-1 du 26 janvier 2023	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2023:0152-1 du 26 janvier 2023	None	vendor-advisory
Bulletin de sécurité SUSE SUSE-SU-2023:0134-1 du 25 janvier 2023	None	vendor-advisory
Bulletin de sécurité SUSE du 25 janvier 2023	-	other
Bulletin de sécurité SUSE du 26 janvier 2023	-	other
Bulletin de sécurité SUSE du 26 janvier 2023	-	other
Bulletin de sécurité SUSE du 26 janvier 2023	-	other
Bulletin de sécurité SUSE du 26 janvier 2023	-	other
Bulletin de sécurité SUSE du 26 janvier 2023	-	other
Bulletin de sécurité SUSE du 25 janvier 2023	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "openSUSE Leap 15.4",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.3",
      "product": {
        "name": "SUSE Manager Proxy",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Software Development Kit 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Public Cloud 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Development Tools 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Enterprise Storage 7.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Realtime 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Availability 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Legacy Software 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Realtime 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Live Patching 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Realtime Extension 15-SP3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Module for Basesystem 15-SP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Workstation Extension 12-SP5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap Micro 5.3",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "openSUSE Leap Micro 5.2",
      "product": {
        "name": "openSUSE Leap",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Desktop 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Desktop",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Desktop 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Desktop",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise High Performance Computing 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise High Performance Computing",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Live Patching 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Live Patching",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.1",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.2",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Micro 5.3",
      "product": {
        "name": "SUSE Linux Enterprise Micro",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Real Time Extension 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Real Time",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP4",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 12-SP5",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP 15-SP3",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server 15-SP3-LTSS",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Linux Enterprise Server for SAP Applications",
      "product": {
        "name": "SUSE Linux Enterprise Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Proxy 4.2",
      "product": {
        "name": "SUSE Manager Proxy",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.2",
      "product": {
        "name": "SUSE Manager Retail Branch Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Retail Branch Server 4.3",
      "product": {
        "name": "SUSE Manager Retail Branch Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.3",
      "product": {
        "name": "SUSE Manager Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    },
    {
      "description": "SUSE Manager Server 4.2",
      "product": {
        "name": "SUSE Manager Server",
        "vendor": {
          "name": "SUSE",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-47520",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47520"
    },
    {
      "name": "CVE-2023-23454",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23454"
    },
    {
      "name": "CVE-2022-47929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-47929"
    },
    {
      "name": "CVE-2022-4379",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4379"
    },
    {
      "name": "CVE-2022-42329",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42329"
    },
    {
      "name": "CVE-2023-23455",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
    },
    {
      "name": "CVE-2023-0266",
      "url": "https://www.cve.org/CVERecord?id=CVE-2023-0266"
    },
    {
      "name": "CVE-2022-3643",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3643"
    },
    {
      "name": "CVE-2022-3435",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3435"
    },
    {
      "name": "CVE-2022-4662",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-4662"
    },
    {
      "name": "CVE-2022-3114",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3114"
    },
    {
      "name": "CVE-2022-3564",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3564"
    },
    {
      "name": "CVE-2022-3344",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3344"
    },
    {
      "name": "CVE-2022-3112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3112"
    },
    {
      "name": "CVE-2022-3106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3106"
    },
    {
      "name": "CVE-2022-3107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3107"
    },
    {
      "name": "CVE-2019-19083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19083"
    },
    {
      "name": "CVE-2022-3111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3111"
    },
    {
      "name": "CVE-2022-42328",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-42328"
    },
    {
      "name": "CVE-2022-3115",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3115"
    },
    {
      "name": "CVE-2022-3108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3108"
    },
    {
      "name": "CVE-2022-3113",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3113"
    },
    {
      "name": "CVE-2022-3104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3104"
    },
    {
      "name": "CVE-2022-3105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-3105"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE du 25 janvier 2023",
      "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230145-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
      "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230149-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
      "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230147-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
      "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230148-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
      "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230146-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE du 26 janvier 2023",
      "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230152-1/"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE du 25 janvier 2023",
      "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230134-1/"
    }
  ],
  "reference": "CERTFR-2023-AVI-0066",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2023-01-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer un d\u00e9ni de service, une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0148-1 du 26 janvier 2023",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0145-1 du 25 janvier 2023",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0146-1 du 26 janvier 2023",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0149-1 du 26 janvier 2023",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0147-1 du 26 janvier 2023",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0152-1 du 26 janvier 2023",
      "url": null
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2023:0134-1 du 25 janvier 2023",
      "url": null
    }
  ]
}

CERTFR-2025-AVI-1102

Vulnerability from certfr_avis - Published: 2025-12-12 - Updated: 2025-12-12

De multiples vulnérabilités ont été découvertes dans les produits NetApp. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
NetApp	N/A	HCI Compute Node (Bootstrap OS) toutes versions
NetApp	N/A	FAS/AFF Baseboard Management Controller (BMC) - 8300/8700/A400/C400 versions antérieures à 13.2
NetApp	N/A	E-Series SANtricity OS Controller software versions 11.x antérieures à 11.60.2
NetApp	N/A	HCI Baseboard Management Controller (BMC) - H610S versions antérieures à 2.27
NetApp	N/A	SolidFire & HCI Storage Node (Element Software) versions antérieures à 12.8
NetApp	N/A	SolidFire & HCI Management Node sans le dernier correctif de sécurité
NetApp	N/A	Cloud Backup toutes versions
NetApp	N/A	SolidFire Baseboard Management Controller (BMC) sans le dernier correctif de sécurité
NetApp	N/A	AFF Baseboard Management Controller (BMC) - A700s versions antérieures à 18.1

References

Title

Publication Time

Tags

Bulletin de sécurité NetApp NTAP-20210129-0004	2025-12-09	vendor-advisory
Bulletin de sécurité NetApp NTAP-20191205-0001	2025-12-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "HCI Compute Node (Bootstrap OS) toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "FAS/AFF Baseboard Management Controller (BMC) - 8300/8700/A400/C400 versions ant\u00e9rieures \u00e0 13.2\n",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "E-Series SANtricity OS Controller software versions 11.x ant\u00e9rieures \u00e0 11.60.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "HCI Baseboard Management Controller (BMC) - H610S versions ant\u00e9rieures \u00e0 2.27\n",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "SolidFire \u0026 HCI Storage Node (Element Software) versions ant\u00e9rieures \u00e0 12.8\n",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "SolidFire \u0026 HCI Management Node sans le dernier correctif de s\u00e9curit\u00e9\n",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "Cloud Backup toutes versions",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "SolidFire Baseboard Management Controller (BMC) sans le dernier correctif de s\u00e9curit\u00e9\n",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    },
    {
      "description": "AFF Baseboard Management Controller (BMC) - A700s versions ant\u00e9rieures \u00e0 18.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetApp",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2019-18812",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18812"
    },
    {
      "name": "CVE-2019-19082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19082"
    },
    {
      "name": "CVE-2019-18811",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18811"
    },
    {
      "name": "CVE-2019-19053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19053"
    },
    {
      "name": "CVE-2019-18809",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18809"
    },
    {
      "name": "CVE-2019-19036",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19036"
    },
    {
      "name": "CVE-2019-19037",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19037"
    },
    {
      "name": "CVE-2019-19079",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19079"
    },
    {
      "name": "CVE-2019-19061",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19061"
    },
    {
      "name": "CVE-2019-19073",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19073"
    },
    {
      "name": "CVE-2019-19047",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19047"
    },
    {
      "name": "CVE-2019-18680",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18680"
    },
    {
      "name": "CVE-2019-19060",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19060"
    },
    {
      "name": "CVE-2019-19462",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19462"
    },
    {
      "name": "CVE-2019-19072",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19072"
    },
    {
      "name": "CVE-2019-18810",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18810"
    },
    {
      "name": "CVE-2019-19044",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19044"
    },
    {
      "name": "CVE-2019-19071",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19071"
    },
    {
      "name": "CVE-2019-19062",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19062"
    },
    {
      "name": "CVE-2019-18683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18683"
    },
    {
      "name": "CVE-2019-19063",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19063"
    },
    {
      "name": "CVE-2019-19078",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19078"
    },
    {
      "name": "CVE-2019-19050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19050"
    },
    {
      "name": "CVE-2019-19069",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19069"
    },
    {
      "name": "CVE-2019-18805",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18805"
    },
    {
      "name": "CVE-2019-18813",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18813"
    },
    {
      "name": "CVE-2019-19083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19083"
    },
    {
      "name": "CVE-2019-19052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19052"
    },
    {
      "name": "CVE-2019-19045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19045"
    },
    {
      "name": "CVE-2019-18885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18885"
    },
    {
      "name": "CVE-2019-19077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19077"
    },
    {
      "name": "CVE-2019-19080",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19080"
    },
    {
      "name": "CVE-2019-19057",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19057"
    },
    {
      "name": "CVE-2019-19048",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19048"
    },
    {
      "name": "CVE-2019-18808",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18808"
    },
    {
      "name": "CVE-2019-19056",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19056"
    },
    {
      "name": "CVE-2019-19058",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19058"
    },
    {
      "name": "CVE-2019-19075",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19075"
    },
    {
      "name": "CVE-2019-19051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19051"
    },
    {
      "name": "CVE-2019-19076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19076"
    },
    {
      "name": "CVE-2019-19068",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19068"
    },
    {
      "name": "CVE-2019-19081",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19081"
    },
    {
      "name": "CVE-2019-19066",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19066"
    },
    {
      "name": "CVE-2019-19054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19054"
    },
    {
      "name": "CVE-2019-19059",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19059"
    },
    {
      "name": "CVE-2019-18814",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18814"
    },
    {
      "name": "CVE-2019-19065",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19065"
    },
    {
      "name": "CVE-2019-18807",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-18807"
    },
    {
      "name": "CVE-2019-19074",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19074"
    },
    {
      "name": "CVE-2019-19043",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-19043"
    }
  ],
  "initial_release_date": "2025-12-12T00:00:00",
  "last_revision_date": "2025-12-12T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-1102",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-12-12T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits NetApp. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits NetApp",
  "vendor_advisories": [
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp NTAP-20210129-0004",
      "url": "https://security.netapp.com/advisory/NTAP-20210129-0004"
    },
    {
      "published_at": "2025-12-09",
      "title": "Bulletin de s\u00e9curit\u00e9 NetApp NTAP-20191205-0001",
      "url": "https://security.netapp.com/advisory/NTAP-20191205-0001"
    }
  ]
}

BDU:2020-00118

Vulnerability from fstec - Published: 02.10.2019

Title

Уязвимость функции clock_source_create() (/gpu /drm/amd/display/dc) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции clock_source_create() (/gpu /drm/amd/display/dc) ядра операционной системы Linux связана с утечкой памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Canonical Ltd., ООО «РусБИТех-Астра», Novell Inc., Сообщество свободного программного обеспечения

Software Name

Ubuntu, Astra Linux Common Edition (запись в едином реестре российских программ №4433), OpenSUSE Leap, Linux

Software Version

16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 19.04 (Ubuntu), 2.12 «Орёл» (Astra Linux Common Edition), 15.1 (OpenSUSE Leap), 14.04 ESM (Ubuntu), 19.10 (Ubuntu), от 4.15 до 5.3.7 включительно (Linux)

Possible Mitigations

Использование рекомендаций: Для Linux: https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8 Для Astra Linux: Обновление программного обеспечения (пакета linux) до 5.3.8 или более поздней версии Для Ubuntu: https://usn.ubuntu.com/4208-1/ https://usn.ubuntu.com/4226-1/ https://usn.ubuntu.com/4227-1/ https://usn.ubuntu.com/4227-2/ Для программных продуктов Novell Inc.: https://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html

Reference

http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19083 https://cxsecurity.com/cveshow/CVE-2019-19083/ https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8 https://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html https://security.netapp.com/advisory/ntap-20191205-0001/ https://ubuntu.com/security/notices/USN-4208-1 https://ubuntu.com/security/notices/USN-4226-1 https://ubuntu.com/security/notices/USN-4227-1 https://ubuntu.com/security/notices/USN-4227-2 https://usn.ubuntu.com/4208-1/ https://usn.ubuntu.com/4226-1/ https://usn.ubuntu.com/4227-1/ https://usn.ubuntu.com/4227-2/ https://usn.ubuntu.com/usn/usn-4208-1 https://usn.ubuntu.com/usn/usn-4226-1 https://usn.ubuntu.com/usn/usn-4227-1 https://usn.ubuntu.com/usn/usn-4227-2 https://www.cve.org/CVERecord?id=CVE-2019-19083

CWE

CWE-400, CWE-401

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Novell Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 19.04 (Ubuntu), 2.12 \u00ab\u041e\u0440\u0451\u043b\u00bb (Astra Linux Common Edition), 15.1 (OpenSUSE Leap), 14.04 ESM (Ubuntu), 19.10 (Ubuntu), \u043e\u0442 4.15 \u0434\u043e 5.3.7 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8\n\n\u0414\u043b\u044f Astra Linux:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 linux) \u0434\u043e 5.3.8 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Ubuntu:\nhttps://usn.ubuntu.com/4208-1/\nhttps://usn.ubuntu.com/4226-1/\nhttps://usn.ubuntu.com/4227-1/\nhttps://usn.ubuntu.com/4227-2/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "02.10.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "04.06.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "15.01.2020",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-00118",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-19083",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Astra Linux Common Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), OpenSUSE Leap, Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 16.04 LTS , Canonical Ltd. Ubuntu 18.04 LTS , Canonical Ltd. Ubuntu 19.04 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Common Edition 2.12 \u00ab\u041e\u0440\u0451\u043b\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), Novell Inc. OpenSUSE Leap 15.1 , Canonical Ltd. Ubuntu 14.04 ESM , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u0434\u043e 5.1 , Canonical Ltd. Ubuntu 19.10 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 clock_source_create() (/gpu /drm/amd/display/dc) \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u0440\u0430\u0441\u0445\u043e\u0434 \u0440\u0435\u0441\u0443\u0440\u0441\u0430 (\u00ab\u0418\u0441\u0442\u043e\u0449\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u00bb) (CWE-400), \u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0435\u0440\u0435\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 (\u00ab\u0443\u0442\u0435\u0447\u043a\u0430 \u043f\u0430\u043c\u044f\u0442\u0438\u00bb) (CWE-401)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 clock_source_create() (/gpu /drm/amd/display/dc) \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0443\u0442\u0435\u0447\u043a\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html\nhttps://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19083\nhttps://cxsecurity.com/cveshow/CVE-2019-19083/\nhttps://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8\nhttps://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html\nhttps://security.netapp.com/advisory/ntap-20191205-0001/\nhttps://ubuntu.com/security/notices/USN-4208-1\nhttps://ubuntu.com/security/notices/USN-4226-1\nhttps://ubuntu.com/security/notices/USN-4227-1\nhttps://ubuntu.com/security/notices/USN-4227-2\nhttps://usn.ubuntu.com/4208-1/\nhttps://usn.ubuntu.com/4226-1/\nhttps://usn.ubuntu.com/4227-1/\nhttps://usn.ubuntu.com/4227-2/\nhttps://usn.ubuntu.com/usn/usn-4208-1\nhttps://usn.ubuntu.com/usn/usn-4226-1\nhttps://usn.ubuntu.com/usn/usn-4227-1\nhttps://usn.ubuntu.com/usn/usn-4227-2\nhttps://www.cve.org/CVERecord?id=CVE-2019-19083",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-400, CWE-401",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,7)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,7)"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-19083 (GCVE-0-2019-19083)

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solution

Solutions

Tags

Sightings

Nomenclature