rhsa-2020_1070
Vulnerability from csaf_redhat
Published
2020-03-31 21:03
Modified
2024-11-15 08:27
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: out of bound read in DVB connexant driver. (CVE-2015-9289)
* kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission (CVE-2017-17807)
* kernel: denial of service via ioctl call in network tun handling (CVE-2018-7191)
* kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)
* kernel: perf_event_open() and execve() race in setuid programs allows a data leak (CVE-2019-3901)
* kernel: brcmfmac frame validation bypass (CVE-2019-9503)
* kernel: null-pointer dereference in hci_uart_set_flow_control (CVE-2019-10207)
* kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884)
* kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service (CVE-2019-12382)
* kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233)
* kernel: integer overflow and OOB read in drivers/block/floppy.c (CVE-2019-14283)
* kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916)
* kernel: buffer-overflow hardening in WiFi beacon validation code. (CVE-2019-16746)
* kernel: oob memory read in hso_probe in drivers/net/usb/hso.c (CVE-2018-19985)
* Kernel: net: weak IP ID generation leads to remote device tracking (CVE-2019-10638)
* Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR (CVE-2019-10639)
* kernel: ASLR bypass for setuid binaries due to late install_exec_creds() (CVE-2019-11190)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: out of bound read in DVB connexant driver. (CVE-2015-9289)\n\n* kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission (CVE-2017-17807)\n\n* kernel: denial of service via ioctl call in network tun handling (CVE-2018-7191)\n\n* kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS (CVE-2018-20169)\n\n* kernel: perf_event_open() and execve() race in setuid programs allows a data leak (CVE-2019-3901)\n\n* kernel: brcmfmac frame validation bypass (CVE-2019-9503)\n\n* kernel: null-pointer dereference in hci_uart_set_flow_control (CVE-2019-10207)\n\n* kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command (CVE-2019-11884)\n\n* kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service (CVE-2019-12382)\n\n* kernel: use-after-free in arch/x86/lib/insn-eval.c (CVE-2019-13233)\n\n* kernel: integer overflow and OOB read in drivers/block/floppy.c (CVE-2019-14283)\n\n* kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service (CVE-2019-15916)\n\n* kernel: buffer-overflow hardening in WiFi beacon validation code. (CVE-2019-16746)\n\n* kernel: oob memory read in hso_probe in drivers/net/usb/hso.c (CVE-2018-19985)\n\n* Kernel: net: weak IP ID generation leads to remote device tracking (CVE-2019-10638)\n\n* Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR (CVE-2019-10639)\n\n* kernel: ASLR bypass for setuid binaries due to late install_exec_creds() (CVE-2019-11190)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:1070", "url": "https://access.redhat.com/errata/RHSA-2020:1070" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/7.8_release_notes/index" }, { "category": "external", "summary": "1528335", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528335" }, { "category": "external", "summary": "1550584", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550584" }, { "category": "external", "summary": "1660385", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660385" }, { "category": "external", "summary": "1666106", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666106" }, { "category": "external", "summary": "1690543", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1690543" }, { "category": "external", "summary": "1696087", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696087" }, { "category": "external", "summary": "1699438", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1699438" }, { "category": "external", "summary": "1699856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1699856" }, { "category": "external", "summary": "1701245", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701245" }, { "category": "external", "summary": "1701842", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701842" }, { "category": "external", "summary": "1708718", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1708718" }, { "category": "external", "summary": "1709837", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709837" }, { "category": "external", "summary": "1715554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715554" }, { "category": "external", "summary": "1716328", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716328" }, { "category": "external", "summary": "1727756", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727756" }, { "category": "external", "summary": "1729931", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729931" }, { "category": "external", "summary": "1729933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729933" }, { "category": "external", "summary": "1733874", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733874" }, { "category": "external", "summary": "1734243", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1734243" }, { "category": "external", "summary": "1735655", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735655" }, { "category": "external", "summary": "1741775", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741775" }, { "category": "external", "summary": "1750813", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750813" }, { "category": "external", "summary": "1751083", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1751083" }, { "category": "external", "summary": "1760306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760306" }, { "category": "external", "summary": "1772894", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1772894" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1070.json" } ], "title": "Red Hat Security Advisory: kernel-rt security and bug fix update", "tracking": { "current_release_date": "2024-11-15T08:27:46+00:00", "generator": { "date": "2024-11-15T08:27:46+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2020:1070", "initial_release_date": "2020-03-31T21:03:25+00:00", "revision_history": [ { "date": "2020-03-31T21:03:25+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-03-31T21:03:25+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T08:27:46+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product": { "name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_rt:7" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux for Real Time (v. 7)", "product": { "name": "Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras_rt:7" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm-debuginfo@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm-debuginfo@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-kvm-debuginfo@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "product": { "name": "kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_id": "kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-trace-kvm@3.10.0-1127.rt56.1093.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "product": { "name": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "product_id": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@3.10.0-1127.rt56.1093.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "product": { "name": "kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "product_id": "kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-1127.rt56.1093.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.src as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src" }, "product_reference": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch" }, "product_reference": "kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)", "product_id": "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-NFV-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.src as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src" }, "product_reference": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch" }, "product_reference": "kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)", "product_id": "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" }, "product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "relates_to_product_reference": "7Server-RT-7.8" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-9289", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2019-07-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1735655" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel\u2019s CX24116 tv-card driver, where an out of bounds read occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. An attacker could use this flaw to leak kernel private information to userspace.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out of bound read in DVB connexant driver.", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw requires a Conexant CX24116 series TV-media card to be in the system for this driver to load. This flaw is when an attacker attempts to use the card to communicate with a satellite tv control subsystem ( via Digital Satellite Equipment Control command) by issuing a specially crafted ioctl to the device.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2015-9289" }, { "category": "external", "summary": "RHBZ#1735655", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735655" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2015-9289", "url": "https://www.cve.org/CVERecord?id=CVE-2015-9289" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2015-9289", "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-9289" } ], "release_date": "2019-07-27T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: out of bound read in DVB connexant driver." }, { "cve": "CVE-2017-17807", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2017-12-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1528335" } ], "notes": [ { "category": "description", "text": "The KEYS subsystem in the Linux kernel omitted an access-control check when writing a key to the current task\u0027s default keyring, allowing a local user to bypass security checks to the keyring. This compromises the validity of the keyring for those who rely on it.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This is not currently planned to be addressed in future updates of the product due to its life cycle. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.\n\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 6, 7, its real-time kernel, Red Hat Enterprise MRG 2, Red Hat Enterprise Linux 7 for ARM 64 and Red Hat Enterprise Linux 7 for Power 9 LE. Future Linux kernel updates for the respective releases may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2017-17807" }, { "category": "external", "summary": "RHBZ#1528335", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528335" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2017-17807", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17807" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17807", "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17807" } ], "release_date": "2017-12-08T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission" }, { "cve": "CVE-2018-7191", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2019-05-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1716328" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s implementation of networking tunnel device ioctl. A local attacker can cause a denial of service (NULL pointer dereference and panic) via an ioctl (TUNSETIFF) call with a dev name containing a / character.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: denial of service via ioctl call in network tun handling", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-7191" }, { "category": "external", "summary": "RHBZ#1716328", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716328" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-7191", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7191" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7191", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7191" } ], "release_date": "2018-01-17T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: denial of service via ioctl call in network tun handling" }, { "cve": "CVE-2018-19985", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2019-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1666106" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel in the function hso_probe() which reads if_num value from the USB device (as an u8) and uses it without a length check to index an array, resulting in an OOB memory read in hso_probe() or hso_get_config_data(). An attacker with a forged USB device and physical access to a system (needed to connect such a device) can cause a system crash and a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: oob memory read in hso_probe in drivers/net/usb/hso.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-19985" }, { "category": "external", "summary": "RHBZ#1666106", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666106" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-19985", "url": "https://www.cve.org/CVERecord?id=CVE-2018-19985" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19985", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19985" } ], "release_date": "2018-12-12T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: oob memory read in hso_probe in drivers/net/usb/hso.c" }, { "cve": "CVE-2018-20169", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2018-12-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1660385" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in the Linux kernel\u0027s USB subsystem in the __usb_get_extra_descriptor() function in the drivers/usb/core/usb.c which mishandles a size check during the reading of an extra descriptor data. By using a specially crafted USB device which sends a forged extra descriptor, an unprivileged user with physical access to the system can potentially cause a privilege escalation or trigger a system crash or lock up and thus to cause a denial of service (DoS).", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-20169" }, { "category": "external", "summary": "RHBZ#1660385", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660385" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-20169", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20169" } ], "release_date": "2018-12-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS" }, { "cve": "CVE-2019-3901", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "discovery_date": "2019-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701245" } ], "notes": [ { "category": "description", "text": "A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execve() syscall with setuid execution before perf_event_alloc() actually attaches to it, allowing an attacker to bypass the ptrace_may_access() check and the perf_event_exit_task(current) call that is performed in install_exec_creds() during privileged execve() calls.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: perf_event_open() and execve() race in setuid programs allows a data leak", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-3901" }, { "category": "external", "summary": "RHBZ#1701245", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701245" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-3901", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3901" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3901", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3901" } ], "release_date": "2016-04-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: perf_event_open() and execve() race in setuid programs allows a data leak" }, { "cve": "CVE-2019-9503", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-04-18T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1701842" } ], "notes": [ { "category": "description", "text": "If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and not be processed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a WiFi dongle). This can allow firmware event frames from a remote source to be processed and this can result in denial of service (DoS) condition.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: brcmfmac frame validation bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-9503" }, { "category": "external", "summary": "RHBZ#1701842", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701842" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-9503", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9503" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9503", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9503" }, { "category": "external", "summary": "https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html#cve-2019-9503-remotely-sending-firmware-events-bypassing-is-wlc-event-frame", "url": "https://blog.quarkslab.com/reverse-engineering-broadcom-wireless-chipsets.html#cve-2019-9503-remotely-sending-firmware-events-bypassing-is-wlc-event-frame" }, { "category": "external", "summary": "https://kb.cert.org/vuls/id/166939/", "url": "https://kb.cert.org/vuls/id/166939/" }, { "category": "external", "summary": "https://www.bleepingcomputer.com/news/security/broadcom-wifi-driver-flaws-expose-computers-phones-iot-to-rce-attacks/", "url": "https://www.bleepingcomputer.com/news/security/broadcom-wifi-driver-flaws-expose-computers-phones-iot-to-rce-attacks/" } ], "release_date": "2019-02-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: brcmfmac frame validation bypass" }, { "cve": "CVE-2019-10207", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2019-07-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1733874" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u2019s Bluetooth implementation of UART. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially crafted ioctl function call and cause the system to crash.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: null-pointer dereference in hci_uart_set_flow_control", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10207" }, { "category": "external", "summary": "RHBZ#1733874", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733874" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10207", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10207" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10207", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10207" } ], "release_date": "2019-07-29T13:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: null-pointer dereference in hci_uart_set_flow_control" }, { "cve": "CVE-2019-10638", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-07-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1729931" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe a weak IP ID generation in this field to track Linux devices.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: net: weak IP ID generation leads to remote device tracking", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6.\n\nThis issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 7, 8 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 7, 8 and Red Hat Enterprise MRG 2 may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10638" }, { "category": "external", "summary": "RHBZ#1729931", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729931" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10638", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10638" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10638", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10638" }, { "category": "external", "summary": "https://arxiv.org/pdf/1906.10478.pdf", "url": "https://arxiv.org/pdf/1906.10478.pdf" } ], "release_date": "2019-07-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Kernel: net: weak IP ID generation leads to remote device tracking" }, { "cve": "CVE-2019-10639", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-07-06T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1729933" } ], "notes": [ { "category": "description", "text": "A flaw was found in the way the Linux kernel derived the IP ID field from a partial kernel space address returned by a net_hash_mix() function. A remote user could observe this IP ID field to extract the kernel\u00a0address bits used to derive its value, which may result in leaking the hash key and potentially defeating KASLR.", "title": "Vulnerability description" }, { "category": "summary", "text": "Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue does not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6.\n\nThis issue affects the version of Linux kernel as shipped with Red Hat Enterprise Linux 7, 8 and Red Hat Enterprise MRG 2. Future kernel updates for Red Hat Enterprise Linux 7, 8 and Red Hat Enterprise MRG 2 may address this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-10639" }, { "category": "external", "summary": "RHBZ#1729933", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1729933" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-10639", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10639" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10639", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10639" }, { "category": "external", "summary": "https://arxiv.org/pdf/1906.10478.pdf", "url": "https://arxiv.org/pdf/1906.10478.pdf" } ], "release_date": "2019-07-15T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "Kernel: net: using kernel space address bits to derive IP ID may potentially break KASLR" }, { "cve": "CVE-2019-11190", "cwe": { "id": "CWE-250", "name": "Execution with Unnecessary Privileges" }, "discovery_date": "2019-04-03T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1699856" } ], "notes": [ { "category": "description", "text": "A flaw in the load_elf_binary() function in the Linux kernel allows a local attacker to leak the base address of .text and stack sections for setuid binaries and bypass ASLR because install_exec_creds() is called too late in this function.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: ASLR bypass for setuid binaries due to late install_exec_creds()", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11190" }, { "category": "external", "summary": "RHBZ#1699856", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1699856" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11190", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11190" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11190", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11190" } ], "release_date": "2019-04-03T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: ASLR bypass for setuid binaries due to late install_exec_creds()" }, { "cve": "CVE-2019-11884", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "discovery_date": "2019-05-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1709837" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u0027s implementation of the Bluetooth Human Interface Device Protocol (HIDP). A local attacker with access permissions to the Bluetooth device can issue an IOCTL which will trigger the do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c.c. This function can leak potentially sensitive information from the kernel stack memory via a HIDPCONNADD command because a name field may not be correctly NULL terminated.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-11884" }, { "category": "external", "summary": "RHBZ#1709837", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1709837" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11884", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11884" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11884", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11884" } ], "release_date": "2019-05-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command" }, { "cve": "CVE-2019-12382", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2019-05-28T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1715554" } ], "notes": [ { "category": "description", "text": "A flaw was found in the Linux kernel\u2019s implementation of Extended Display Identification Data (EDID) technology. A firmware identifier string is duplicated with the kstrdup function, and the allocation may fail under very low memory conditions. An attacker could abuse this flaw by causing a Denial of Service and crashing the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-12382" }, { "category": "external", "summary": "RHBZ#1715554", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715554" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-12382", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12382" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12382", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12382" } ], "release_date": "2019-05-24T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: unchecked kstrdup of fwstr in drm_load_edid_firmware leads to denial of service" }, { "cve": "CVE-2019-13233", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2019-07-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1727756" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the arch/x86/lib/insn-eval.c function in the Linux kernel. An attacker could corrupt the memory due to a flaw in use-after-free access to an LDT entry caused by a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in arch/x86/lib/insn-eval.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-13233" }, { "category": "external", "summary": "RHBZ#1727756", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727756" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-13233", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13233" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-13233", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13233" } ], "release_date": "2019-07-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: use-after-free in arch/x86/lib/insn-eval.c" }, { "cve": "CVE-2019-14283", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "discovery_date": "2019-07-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1734243" } ], "notes": [ { "category": "description", "text": "A vulnerability was found in the Linux kernel\u2019s floppy disk driver implementation. A local attacker with access to the floppy device could call set_geometry in drivers/block/floppy.c, which does not validate the sect and head fields, causing an integer overflow and out-of-bounds read. This flaw may crash the system or allow an attacker to gather information causing subsequent successful attacks.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: integer overflow and OOB read in drivers/block/floppy.c", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14283" }, { "category": "external", "summary": "RHBZ#1734243", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1734243" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14283", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14283" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14283", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14283" }, { "category": "external", "summary": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3", "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=da99466ac243f15fbba65bd261bfc75ffa1532b6", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=da99466ac243f15fbba65bd261bfc75ffa1532b6" }, { "category": "external", "summary": "https://github.com/torvalds/linux/commit/da99466ac243f15fbba65bd261bfc75ffa1532b6", "url": "https://github.com/torvalds/linux/commit/da99466ac243f15fbba65bd261bfc75ffa1532b6" } ], "release_date": "2019-07-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" }, { "category": "workaround", "details": "The kernel module named \u0027floppy\u0027 contains the affected code, this can be blacklisted using the standard blacklisting techniques or disabled in the systems BIOS. See https://access.redhat.com/solutions/41278 for how to blacklist a kernel module.\n\nVirtualized guest systems can also remove the system from the guests configuration to ensure that the module does not load.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: integer overflow and OOB read in drivers/block/floppy.c" }, { "acknowledgments": [ { "names": [ "Huangwen" ], "organization": "ADLab of Venustech" } ], "cve": "CVE-2019-14815", "cwe": { "id": "CWE-122", "name": "Heap-based Buffer Overflow" }, "discovery_date": "2019-08-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1744137" } ], "notes": [ { "category": "description", "text": "A vulnerability found in the Linux kernel\u0027s WMM implementation for Marvell WiFi-based hardware (mwifiex) could lead to a denial of service or allow arbitrary code execution. For this flaw to be executed, the attacker must be both local and privileged. There is no mitigation to this flaw. A patch has been provided to remediate this flaw.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-14815" }, { "category": "external", "summary": "RHBZ#1744137", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744137" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-14815", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14815" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14815", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14815" } ], "release_date": "2019-08-28T10:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: heap-overflow in mwifiex_set_wmm_params() function of Marvell WiFi driver leading to DoS" }, { "cve": "CVE-2019-15221", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2019-08-02T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1749974" } ], "notes": [ { "category": "description", "text": "A NULL pointer dereference flaw was found in the way the LINE6 drivers in the Linux kernel allocated buffers for USB packets. This flaw allows an attacker with physical access to the system to crash the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Null pointer dereference in the sound/usb/line6/pcm.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue is rated as having Low impact because of the physical access needed to trigger this issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-15221" }, { "category": "external", "summary": "RHBZ#1749974", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749974" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-15221", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15221" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15221", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15221" } ], "release_date": "2019-08-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" }, { "category": "workaround", "details": "To mitigate this issue, prevent module snd-usb-line6 from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "kernel: Null pointer dereference in the sound/usb/line6/pcm.c" }, { "cve": "CVE-2019-15916", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2019-09-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1750813" } ], "notes": [ { "category": "description", "text": "A flaw that allowed an attacker to leak kernel memory was found in the network subsystem where an attacker with permissions to create tun/tap devices can create a denial of service and panic the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-15916" }, { "category": "external", "summary": "RHBZ#1750813", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750813" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-15916", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15916" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15916", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15916" } ], "release_date": "2019-09-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service" }, { "cve": "CVE-2019-16746", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2019-09-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1760306" } ], "notes": [ { "category": "description", "text": "A flaw in the Linux kernel\u0027s WiFi beacon validation code was discovered. The code does not check the length of the variable length elements in the beacon head potentially leading to a buffer overflow. System availability, as well as data confidentiality and integrity, can be impacted by this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: buffer-overflow hardening in WiFi beacon validation code.", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-16746" }, { "category": "external", "summary": "RHBZ#1760306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760306" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16746", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16746" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16746", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16746" } ], "release_date": "2019-09-11T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-03-31T21:03:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:1070" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-NFV-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-NFV-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-NFV-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.src", "7Server-RT-7.8:kernel-rt-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-doc-0:3.10.0-1127.rt56.1093.el7.noarch", "7Server-RT-7.8:kernel-rt-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-devel-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-0:3.10.0-1127.rt56.1093.el7.x86_64", "7Server-RT-7.8:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1127.rt56.1093.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: buffer-overflow hardening in WiFi beacon validation code." } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.