CERTFR-2019-AVI-457
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans le noyau Linux de Red Hat. Elle permet à un attaquant de provoquer une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
Vendor | Product | Description | ||
---|---|---|---|---|
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.4 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Workstation 6 x86_64 | ||
Red Hat | N/A | Red Hat Virtualization Host - Extended Update Support 4.2 for RHEL 7.6 x86_64 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4 ppc64le | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5 ppc64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, big endian 6 ppc64 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 7.4 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power 9 7 ppc64le | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server 6 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5 s390x | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Desktop 6 i386 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server 6 i386 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 7.6 x86_64 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - TUS 7.4 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Update Support 7.5 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux EUS Compute Node 7.5 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5 ppc64le | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Workstation 6 i386 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for ARM 64 7 aarch64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems 6 s390x | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 6.6 x86_64 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - Extended Update Support 7.6 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux Desktop 6 x86_64 | ||
Red Hat | Red Hat Enterprise Linux Server | Red Hat Enterprise Linux Server - AUS 7.6 x86_64 | ||
Red Hat | Red Hat Enterprise Linux | Red Hat Enterprise Linux for Scientific Computing 6 x86_64 |
References
Title | Publication Time | Tags | |||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.4 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Workstation 6 x86_64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Virtualization Host - Extended Update Support 4.2 for RHEL 7.6 x86_64", "product": { "name": "N/A", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.4 ppc64le", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5 ppc64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux for Power, big endian 6 ppc64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - AUS 7.4 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux for Power 9 7 ppc64le", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server 6 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5 s390x", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Desktop 6 i386", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server 6 i386", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - TUS 7.6 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - TUS 7.4 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - Extended Update Support 7.5 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux EUS Compute Node 7.5 x86_64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5 ppc64le", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Workstation 6 i386", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux for ARM 64 7 aarch64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux for IBM z Systems 6 s390x", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - AUS 6.6 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - Extended Update Support 7.6 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Desktop 6 x86_64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux Server - AUS 7.6 x86_64", "product": { "name": "Red Hat Enterprise Linux Server", "vendor": { "name": "Red Hat", "scada": false } } }, { "description": "Red Hat Enterprise Linux for Scientific Computing 6 x86_64", "product": { "name": "Red Hat Enterprise Linux", "vendor": { "name": "Red Hat", "scada": false } } } ], "affected_systems_content": null, "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n", "cves": [ { "name": "CVE-2019-14835", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14835" } ], "initial_release_date": "2019-09-23T00:00:00", "last_revision_date": "2019-09-24T00:00:00", "links": [], "reference": "CERTFR-2019-AVI-457", "revisions": [ { "description": "Version initiale", "revision_date": "2019-09-23T00:00:00.000000" }, { "description": "Ajout des bulletins de s\u00e9curit\u00e9 Red Hat RHSA-2019:2867 et RHSA-2019:2869 du 23 septembre 2019", "revision_date": "2019-09-24T00:00:00.000000" } ], "risks": [ { "description": "\u00c9l\u00e9vation de privil\u00e8ges" } ], "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le noyau Linux de Red Hat. Elle\npermet \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges.\n", "title": "Vuln\u00e9rabilit\u00e9 dans le noyau Linux de Red Hat", "vendor_advisories": [ { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2869 du 23 septembre 2019", "url": "https://access.redhat.com/errata/RHSA-2019:2869" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2864 du 23 septembre 2019", "url": "https://access.redhat.com/errata/RHSA-2019:2864" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2866 du 23 septembre 2019", "url": "https://access.redhat.com/errata/RHSA-2019:2866" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2867 du 23 septembre 2019", "url": "https://access.redhat.com/errata/RHSA-2019:2867" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2863 du 23 septembre 2019", "url": "https://access.redhat.com/errata/RHSA-2019:2863" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2862 du 23 septembre 2019", "url": "https://access.redhat.com/errata/RHSA-2019:2862" }, { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2019:2865 du 23 septembre 2019", "url": "https://access.redhat.com/errata/RHSA-2019:2865" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…