var-201908-1958
Vulnerability from variot
The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.
The entropy negotiation for the encryption key used on a Bluetooth BR/EDR connection is vulnerable by design to man-in-the-middle attacks. A third party may be able to force the entropy of the encryption key used for Bluetooth BR/EDR communication down to 1 byte (the Key Negotiation Of Bluetooth (KNOB) attack) and then use a brute-force attack to decrypt and intercept the contents of subsequent communications.
Bluetooth is a short-range wireless technology based on 6 different core specifications, including the Bluetooth Basic Rate / Enhanced Data Rate (Bluetooth BR/EDR) core configuration, and is used for low-power short-range communications. To establish encrypted communication, 2 Bluetooth devices must pair and establish a link key, which is used to generate the encryption key used for encryption at the link layer. The entropy of the encryption key is set between the Bluetooth controllers to a length from 1 byte to 16 bytes. When an attacker interrupts the encryption key entropy setting request between the controllers and each controller accepts a low entropy setting, encrypted communication with low entropy is forced, and a brute-force attack may then easily decrypt the communication between the devices. Encrypted communication may be eavesdropped on through a man-in-the-middle attack.
An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions.
The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. This advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability.
This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth.
8.0) - aarch64, noarch, ppc64le, s390x, x86_64
Bug Fix(es):
- Backport TCP follow-up for small buffers (BZ#1739184)
- TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)
- RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test (Marvell/Cavium/QLogic) (L3:) (BZ#1743548)
- block: blk-mq improvement (BZ#1780567)
- RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781111)
- blk-mq: overwirte performance drops on real MQ device (BZ#1782183)
- RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads to drain out system memory quickly. (BZ#1782705)
Bug Fix(es):
- port show-kabi to python3 (BZ#1806924)
7.6) - ppc64le, x86_64
Description:
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
Bug Fix(es):
- kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update
Advisory ID: RHSA-2019:3055-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2019:3055
Issue date: 2019-10-15
CVE Names: CVE-2018-20856 CVE-2019-3846 CVE-2019-9506 CVE-2019-10126
====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)
- kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)
- hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)
- kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fixes:
- gfs2: Fix iomap write page reclaim deadlock (BZ#1737373)
- [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740178)
- high update_cfs_rq_blocked_load contention (BZ#1740180)
- [Hyper-V][RHEL 7] kdump fails to start on a Hyper-V guest of Windows Server 2019. (BZ#1740188)
- kvm: backport cpuidle-haltpoll driver (BZ#1740192)
- Growing unreclaimable slab memory (BZ#1741920)
- [bnx2x] ping failed from pf to vf which has been attached to vm (BZ#1741926)
- [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM with > 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743324)
- Macsec: inbound MACSEC frame is unexpectedly dropped with InPktsNotValid (BZ#1744442)
- RHEL 7.7 Beta - Hit error when trying to run nvme connect with IPv6 address (BZ#1744443)
- RHEL 7.6 SS4 - Paths lost when running straight I/O on NVMe/RoCE system (BZ#1744444)
- NFSv4.0 client sending a double CLOSE (leading to EIO application failure) (BZ#1744946)
- [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds, but the VM was unavailable for 2 hours (BZ#1748239)
- NFS client autodisconnect timer may fire immediately after TCP connection setup and may cause DoS type reconnect problem in complex network environments (BZ#1749290)
- [Inspur] RHEL7.6 ASPEED graphic card display issue (BZ#1749296)
- Allows macvlan to operated correctly over the active-backup mode to support bonding events. (BZ#1751579)
- [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ#1752421)
Users of kernel are advised to upgrade to these updated packages, which fix these bugs.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1713059 - CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c
1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c
1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)
1738705 - CVE-2018-20856 kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-1062.4.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm
x86_64: bpftool-3.10.0-1062.4.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm perf-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: kernel-3.10.0-1062.4.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm
x86_64: bpftool-3.10.0-1062.4.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm perf-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: kernel-3.10.0-1062.4.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm
ppc64: bpftool-3.10.0-1062.4.1.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-3.10.0-1062.4.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debug-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.4.1.el7.ppc64.rpm kernel-devel-3.10.0-1062.4.1.el7.ppc64.rpm kernel-headers-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.ppc64.rpm perf-3.10.0-1062.4.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm python-perf-3.10.0-1062.4.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm
ppc64le: bpftool-3.10.0-1062.4.1.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debug-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-devel-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-headers-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.ppc64le.rpm perf-3.10.0-1062.4.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm python-perf-3.10.0-1062.4.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm
s390x: bpftool-3.10.0-1062.4.1.el7.s390x.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm kernel-3.10.0-1062.4.1.el7.s390x.rpm kernel-debug-3.10.0-1062.4.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.s390x.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1062.4.1.el7.s390x.rpm kernel-devel-3.10.0-1062.4.1.el7.s390x.rpm kernel-headers-3.10.0-1062.4.1.el7.s390x.rpm kernel-kdump-3.10.0-1062.4.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-1062.4.1.el7.s390x.rpm perf-3.10.0-1062.4.1.el7.s390x.rpm perf-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm python-perf-3.10.0-1062.4.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm
x86_64: bpftool-3.10.0-1062.4.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm perf-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: bpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm
ppc64le: bpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm
x86_64: bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: kernel-3.10.0-1062.4.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm
x86_64: bpftool-3.10.0-1062.4.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm perf-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-20856
https://access.redhat.com/security/cve/CVE-2019-3846
https://access.redhat.com/security/cve/CVE-2019-9506
https://access.redhat.com/security/cve/CVE-2019-10126
https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc.
Description:
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Bug Fix(es):
- kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570)
APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3
watchOS 5.3 addresses the following:
Bluetooth
Available for: Apple Watch Series 1 and later
Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)
Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.
CVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole Tippenhauer of CISPA, Germany, and Prof. Kasper Rasmussen of University of Oxford, England
Entry added August 13, 2019

Core Data
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2019-8646: Natalie Silvanovich of Google Project Zero

Core Data
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause arbitrary code execution
Description: A use after free issue was addressed with improved memory management.
CVE-2019-8647: Samuel Groß and Natalie Silvanovich of Google Project Zero

Core Data
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed with improved input validation.
CVE-2019-8660: Samuel Groß and Natalie Silvanovich of Google Project Zero

Digital Touch
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2019-8624: Natalie Silvanovich of Google Project Zero

FaceTime
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause arbitrary code execution
Description: A memory corruption issue was addressed with improved input validation.
CVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu

Foundation
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project Zero

Heimdal
Available for: Apple Watch Series 1 and later
Impact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between services
Description: This issue was addressed with improved checks to prevent unauthorized actions.
CVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst

libxslt
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to view sensitive information
Description: A stack overflow was addressed with improved input validation.
CVE-2019-13118: found by OSS-Fuzz

Messages
Available for: Apple Watch Series 1 and later
Impact: Users removed from an iMessage conversation may still be able to alter state
Description: This issue was addressed with improved checks.
CVE-2019-8659: Ryan Kontos (@ryanjkontos), Will Christensen of University of Oregon

Messages
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may cause an unexpected application termination
Description: A denial of service issue was addressed with improved validation.
CVE-2019-8665: Michael Hernandez of XYZ Marketing

Quick Look
Available for: Apple Watch Series 1 and later
Impact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary
Description: This issue was addressed with improved checks.
CVE-2019-8662: Natalie Silvanovich and Samuel Groß of Google Project Zero

Siri
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2019-8646: Natalie Silvanovich of Google Project Zero

UIFoundation
Available for: Apple Watch Series 1 and later
Impact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2019-8657: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative

Wallet
Available for: Apple Watch Series 1 and later
Impact: A user may inadvertently complete an in-app purchase while on the lock screen
Description: The issue was addressed with improved UI handling.
CVE-2019-8682: Jeff Braswell (JeffBraswell.com)

WebKit
Available for: Apple Watch Series 1 and later
Impact: Processing maliciously crafted web content may lead to universal cross site scripting
Description: A logic issue was addressed with improved state management.
CVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative

WebKit
Available for: Apple Watch Series 1 and later
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
CVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative
CVE-2019-8672: Samuel Groß of Google Project Zero
CVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech
CVE-2019-8683: lokihardt of Google Project Zero
CVE-2019-8684: lokihardt of Google Project Zero
CVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL
CVE-2019-8688: Insu Yun of SSLab at Georgia Tech
CVE-2019-8689: lokihardt of Google Project Zero
Additional recognition
MobileInstallation
We would like to acknowledge Dany Lisiansky (@DanyL931) for their assistance.
Installation note:
Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About".
7.4) - noarch, x86_64
Bug Fix(es):
- Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)
- powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas: Fix a potential race between CPU-Offline & Migration (LPM) (BZ#1745436)
- powerpc/pseries: Fix unitialized timer reset on migration / powerpc/pseries/mobility: Extend start/stop topology update scope (LPM) (BZ#1745438)
- ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745446)
"trust": 1.0, "vendor": "huawei", "version": null }, { "model": "harry-al10b", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "johnson-tl00d", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "alp-al00b", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.333\\(c00e333r2p1t8\\)" }, { "model": "emily-l29c", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.326\\(c635e2r1p11t8\\)" }, { "model": "p smart", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "enterprise linux eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "8.1" }, { "model": "asoka-al00ax", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.1.181\\(c00e48r6p1\\)" }, { "model": "columbia-al10i", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.335\\(c675e8r1p9t8\\)" }, { "model": "sydneym-l23", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "ares-tl00c", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.165\\(c01e165r2p5t8\\)" }, { "model": "enterprise linux for real time for nfv eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "8.2" }, { "model": "cornell-l29a", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.347\\(c432e1r1p9t8\\)" }, { "model": "enterprise linux for real time eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "8.2" }, { "model": "katyusha-al00a", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "paris-l29b", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "sydneym-l01", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "florida-al20b", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.128\\(c00e112r1p6t8\\)" }, { "model": "columbia-l29d", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": 
"9.1.0.350\\(c185e3r1p12t8\\)" }, { "model": "potter-al10a", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "linux", "scope": "eq", "trust": 1.0, "vendor": "debian", "version": "8.0" }, { "model": "yale-l61c", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "iphone os", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "12.4" }, { "model": "sydney-l22br", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "sydneym-al00", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "charlotte-l29c", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.328\\(c432e5r1p9t8\\)" }, { "model": "honor 20 pro", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.170\\(c636e2r3p1\\)" }, { "model": "enterprise linux eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "8.4" }, { "model": "dubai-al00a", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "8.2.0.190\\(c00r2p2\\)" }, { "model": "android", "scope": "eq", "trust": 1.0, "vendor": "google", "version": null }, { "model": "charlotte-l29c", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.311\\(c605e2r1p11t8\\)" }, { "model": "honor 20", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.143\\(c675e8r2p1\\)" }, { "model": "hima-l29c", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "atomu-l33", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "8.0.0.147\\(c605custc605d1\\)" }, { "model": "enterprise linux for real time for nfv", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7" }, { "model": "bla-tl00b", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.329\\(c01e320r1p1t8\\)" }, { "model": "emily-l29c", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.325\\(c636e7r1p13t8\\)" }, { "model": "dura-al00a", "scope": "lt", "trust": 1.0, 
"vendor": "huawei", "version": "1.0.0.182\\(c00\\)" }, { "model": "charlotte-l29c", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.325\\(c636e2r1p12t8\\)" }, { "model": "emily-l29c", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "8.1.0.156\\(c605\\)" }, { "model": "p smart 2019", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.14.5" }, { "model": "harry-tl00c", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "enterprise linux for real time", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "8" }, { "model": "y6 pro 2019", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "honor view 10", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "berkeley-al20", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.333\\(c00e333r2p1t8\\)" }, { "model": "johnson-tl00f", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "figo-l31", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.122\\(c09e7r1p5t8\\)" }, { "model": "columbia-l29d", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.350\\(c10e5r1p14t8\\)" }, { "model": "yalep-al10b", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "florida-l23", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.154\\(c605e7r1p2t8\\)" }, { "model": "yale-al50a", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "emily-l29c", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.311\\(c461e2r1p11t8\\)" }, { "model": "enterprise linux for real time for nfv eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "8.4" }, { "model": "enterprise linux server tus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.7" }, { 
"model": "enterprise linux for real time eus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "8.4" }, { "model": "honor 8x", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "figo-l31", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": "8.0.0.122d\\(c652\\)" }, { "model": "mate 20 x", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "cornell-al00i", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.363\\(c675e3r1p9t8\\)" }, { "model": "enterprise linux server tus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.6" }, { "model": "enterprise linux server tus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.4" }, { "model": "nova 4", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "leland-l42a", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "sydney-al00", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "figo-l31", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.165\\(c10e8r1p5t8\\)" }, { "model": "honor 20 pro", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.154\\(c636e2r3p1\\)" }, { "model": "columbia-l29d", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.350\\(c461e3r1p11t8\\)" }, { "model": "enterprise linux server tus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "8.2" }, { "model": "leland-l32a", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "neo-al00d", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "sydneym-l03", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "honor 20 pro", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.154\\(c185e2r5p1\\)" }, { "model": "mac os x", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "10.13.6" }, { "model": 
"bla-l29c", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.300\\(c605e2r1p12t8\\)" }, { "model": "lelandp-l22a", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "charlotte-l29c", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.325\\(c185e4r1p11t8\\)" }, { "model": "leland-l31a", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "atomu-l41", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "8.0.0.153\\(c461custc461d1\\)" }, { "model": "imanager neteco", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "paris-l21b", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "7.3" }, { "model": "mate 20 pro", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "mrg realtime", "scope": "eq", "trust": 1.0, "vendor": "redhat", "version": "2.0" }, { "model": "y5 2018", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "yale-al00a", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "sydney-tl00", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "bla-l29c", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.306\\(c636e2r1p13t8\\)" }, { "model": "lelandp-al00c", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "sydney-l21br", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "columbia-al10b", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.333\\(c00e333r1p1t8\\)" }, { "model": "p20 pro", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "honor view 20", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "enterprise linux server aus", "scope": "eq", "trust": 1.0, 
"vendor": "redhat", "version": "8.4" }, { "model": "barca-al00", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "8.0.0.366\\(c00\\)" }, { "model": "leland-l21a", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "paris-l21meb", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "princeton-al10b", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "florida-l21", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.150\\(c432e6r1p5t8\\)" }, { "model": "ares-al00b", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.160\\(c00e160r2p5t8\\)" }, { "model": "mate 20", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "watchos", "scope": "eq", "trust": 1.0, "vendor": "apple", "version": "5.3" }, { "model": "honor 10 lite", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "y5 lite", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "bla-al00b", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.329\\(c786e320r2p1t8\\)" }, { "model": "figo-l31", "scope": "lt", "trust": 1.0, "vendor": "huawei", "version": "9.1.0.137\\(c530e8r1p5t8\\)" }, { "model": "leap", "scope": "eq", "trust": 1.0, "vendor": "opensuse", "version": "15.1" }, { "model": "y7 2019", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": "sydneym-l21", "scope": "eq", "trust": 1.0, "vendor": "huawei", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "blackberry", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "bluetooth sig", "version": null }, { "model": "br/edr core", "scope": "lte", "trust": 0.8, "vendor": "bluetooth sig", "version": "v5.1" } ], "sources": [ { "db": "CERT/CC", "id": "VU#918987" }, { "db": "JVNDB", "id": "JVNDB-2019-007618" }, { "db": "NVD", "id": "CVE-2019-9506" } ] }, "configurations": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "cpe_match": [ { "cpe22Uri": "cpe:/a:misc:bluetooth_br_edr_core", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-007618" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "156058" }, { "db": "PACKETSTORM", "id": "157216" }, { "db": "PACKETSTORM", "id": "155017" }, { "db": "PACKETSTORM", "id": "155004" }, { "db": "PACKETSTORM", "id": "154863" }, { "db": "PACKETSTORM", "id": "154879" }, { "db": "PACKETSTORM", "id": "154936" }, { "db": "PACKETSTORM", "id": "154949" } ], "trust": 0.8 }, "cve": "CVE-2019-9506", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 4.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.5, "id": "CVE-2019-9506", "impactScore": 4.9, 
"integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 1.1, "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "ADJACENT NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "availabilityRequirement": "NOT DEFINED", "baseScore": 7.8, "collateralDamagePotential": "NOT DEFINED", "confidentialityImpact": "COMPLETE", "confidentialityRequirement": "NOT DEFINED", "enviromentalScore": 7.8, "exploitability": "NOT DEFINED", "exploitabilityScore": 6.5, "id": "CVE-2019-9506", "impactScore": 9.2, "integrityImpact": "COMPLETE", "integrityRequirement": "NOT DEFINED", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "remediationLevel": "NOT DEFINED", "reportConfidence": "NOT DEFINED", "severity": "HIGH", "targetDistribution": "NOT DEFINED", "trust": 0.8, "userInteractionRequired": null, "vector_string": "AV:A/AC:L/Au:N/C:C/I:C/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 6.5, "id": "VHN-160941", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "nvd@nist.gov", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2019-9506", "impactScore": 5.2, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "ADJACENT", "author": "cret@cert.org", "availabilityImpact": "LOW", 
"baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2019-9506", "impactScore": 4.7, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.0" } ], "severity": [ { "author": "nvd@nist.gov", "id": "CVE-2019-9506", "trust": 1.0, "value": "HIGH" }, { "author": "cret@cert.org", "id": "CVE-2019-9506", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "CVE-2019-9506", "trust": 0.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201908-864", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-160941", "trust": 0.1, "value": "MEDIUM" }, { "author": "VULMON", "id": "CVE-2019-9506", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "CERT/CC", "id": "VU#918987" }, { "db": "VULHUB", "id": "VHN-160941" }, { "db": "VULMON", "id": "CVE-2019-9506" }, { "db": "CNNVD", "id": "CNNVD-201908-864" }, { "db": "NVD", "id": "CVE-2019-9506" }, { "db": "NVD", "id": "CVE-2019-9506" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. The entropy negotiation of the encryption key used for encryption on Bluetooth BR/EDR connections is, by design, vulnerable to man-in-the-middle attacks. 
A third party may be able to force the entropy of the encryption key used for Bluetooth BR/EDR communication down to 1 byte (Key Negotiation Of Bluetooth (KNOB) attack) and then brute-force subsequent communications to decrypt and intercept their contents. Bluetooth is a short-range wireless technology used for low-power short-range communications, based on a core specification that includes six different core configurations, among them Bluetooth Basic Rate / Enhanced Data Rate (Bluetooth BR/EDR). To establish encrypted communication, two Bluetooth devices must pair and establish a link key, which is used to generate the encryption key used for encryption at the link layer. The entropy of the encryption key is set between the Bluetooth controllers to a length between 1 and 16 bytes. When an attacker interferes with the encryption key entropy setting request between controllers and each controller accepts a low entropy setting, encrypted communication with low entropy is forced, so communication between devices may be easily decrypted by a brute-force attack. A man-in-the-middle attacker may be able to eavesdrop on encrypted communication. An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. \nThis advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability. \n\nThis advisory is available at the following link:\ntools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth. 
8.0) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nBug Fix(es):\n\n* Backport TCP follow-up for small buffers (BZ#1739184)\n\n* TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)\n\n* RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test\n(Marvell/Cavium/QLogic) (L3:) (BZ#1743548)\n\n* block: blk-mq improvement (BZ#1780567)\n\n* RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during\nRHEL8.0 validation for SAP HANA on POWER (BZ#1781111)\n\n* blk-mq: overwirte performance drops on real MQ device (BZ#1782183)\n\n* RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads\nto drain out system memory quickly. (BZ#1782705)\n\n4. \n\nBug Fix(es):\n\n* port show-kabi to python3 (BZ#1806924)\n\n4. 7.6) - ppc64le, x86_64\n\n3. Description:\n\nThis is a kernel live patch module which is automatically loaded by the RPM\npost-install script to modify the code of a running kernel. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nBug Fix(es):\n\n* kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2019:3055-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:3055\nIssue date: 2019-10-15\nCVE Names: CVE-2018-20856 CVE-2019-3846 CVE-2019-9506\n CVE-2019-10126\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. 
A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nSecurity Fix(es):\n\n* kernel: Use-after-free in __blk_drain_queue() function in\nblock/blk-core.c (CVE-2018-20856)\n\n* kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in\nmarvell/mwifiex/scan.c (CVE-2019-3846)\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)\n(CVE-2019-9506)\n\n* kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in\ndrivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fixes:\n\n* gfs2: Fix iomap write page reclaim deadlock (BZ#1737373)\n\n* [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740178)\n\n* high update_cfs_rq_blocked_load contention (BZ#1740180)\n\n* [Hyper-V][RHEL 7] kdump fails to start on a Hyper-V guest of Windows\nServer 2019. 
(BZ#1740188)\n\n* kvm: backport cpuidle-haltpoll driver (BZ#1740192)\n\n* Growing unreclaimable slab memory (BZ#1741920)\n\n* [bnx2x] ping failed from pf to vf which has been attached to vm\n(BZ#1741926)\n\n* [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM with \u003e\n240 vCPUs (i.e., when in x2APIC mode) (BZ#1743324)\n\n* Macsec: inbound MACSEC frame is unexpectedly dropped with InPktsNotValid\n(BZ#1744442)\n\n* RHEL 7.7 Beta - Hit error when trying to run nvme connect with IPv6\naddress (BZ#1744443)\n\n* RHEL 7.6 SS4 - Paths lost when running straight I/O on NVMe/RoCE system\n(BZ#1744444)\n\n* NFSv4.0 client sending a double CLOSE (leading to EIO application\nfailure) (BZ#1744946)\n\n* [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds, but\nthe VM was unavailable for 2 hours (BZ#1748239)\n\n* NFS client autodisconnect timer may fire immediately after TCP connection\nsetup and may cause DoS type reconnect problem in complex network\nenvironments (BZ#1749290)\n\n* [Inspur] RHEL7.6 ASPEED graphic card display issue (BZ#1749296)\n\n* Allows macvlan to operated correctly over the active-backup mode to\nsupport bonding events. (BZ#1751579)\n\n* [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group\n(BZ#1752421)\n\nUsers of kernel are advised to upgrade to these updated packages, which fix\nthese bugs. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. 
Bugs fixed (https://bugzilla.redhat.com/):\n\n1713059 - CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c\n1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c\n1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)\n1738705 - CVE-2018-20856 kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-1062.4.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm\nkernel-doc-3.10.0-1062.4.1.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1062.4.1.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 
7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-1062.4.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm\nkernel-doc-3.10.0-1062.4.1.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1062.4.1.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 
7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-1062.4.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm\nkernel-doc-3.10.0-1062.4.1.el7.noarch.rpm\n\nppc64:\nbpftool-3.10.0-1062.4.1.el7.ppc64.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debug-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-devel-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-headers-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-tools-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-1062.4.1.el7.ppc64.rpm\nperf-3.10.0-1062.4.1.el7.ppc64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\npython-perf-3.10.0-1062.4.1.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\n\nppc64le:\nbpftool-3.10.0-1062.4.1.el7.ppc64le.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debug-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-devel-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-headers-3.10.0-1062.4.1.el7.ppc64
le.rpm\nkernel-tools-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-1062.4.1.el7.ppc64le.rpm\nperf-3.10.0-1062.4.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\npython-perf-3.10.0-1062.4.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\n\ns390x:\nbpftool-3.10.0-1062.4.1.el7.s390x.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-debug-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-devel-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-headers-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-kdump-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-1062.4.1.el7.s390x.rpm\nperf-3.10.0-1062.4.1.el7.s390x.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm\npython-perf-3.10.0-1062.4.1.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm\n\nx86_64:\nbpftool-3.10.0-1062.4.1.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat 
Enterprise Linux Server Optional (v. 7):\n\nppc64:\nbpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-1062.4.1.el7.ppc64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm\n\nppc64le:\nbpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-1062.4.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm\n\nx86_64:\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 
7):\n\nSource:\nkernel-3.10.0-1062.4.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm\nkernel-doc-3.10.0-1062.4.1.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1062.4.1.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-20856\nhttps://access.redhat.com/security/cve/CVE-2019-3846\nhttps://access.redhat.com/security/cve/CVE-2019-9506\nhttps://access.redhat.com/security/cve/CVE-2019-10126\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. 
Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Description:\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables\nfine-tuning for systems with extremely high determinism requirements. \n\nBug Fix(es):\n\n* kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570)\n\n4. APPLE-SA-2019-8-13-3 Additional information for\nAPPLE-SA-2019-7-22-4 watchOS 5.3\n\nwatchOS 5.3 addresses the following:\n\nBluetooth\nAvailable for: Apple Watch Series 1 and later\nImpact: An attacker in a privileged network position may be able to\nintercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)\nDescription: An input validation issue existed in Bluetooth. This\nissue was addressed with improved input validation. \nCVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Nils Ole\nTippenhauer of CISPA, Germany, and Prof. 
Kasper Rasmussen of\nUniversity of Oxford, England\nEntry added August 13, 2019\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2019-8647: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2019-8660: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nDigital Touch\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8624: Natalie Silvanovich of Google Project Zero\n\nFaceTime\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu\n\nFoundation\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. 
\nCVE-2019-8641: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nHeimdal\nAvailable for: Apple Watch Series 1 and later\nImpact: An issue existed in Samba that may allow attackers to perform\nunauthorized actions by intercepting communications between services\nDescription: This issue was addressed with improved checks to prevent\nunauthorized actions. \nCVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team\nand Catalyst\n\nlibxslt\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to view sensitive information\nDescription: A stack overflow was addressed with improved input\nvalidation. \nCVE-2019-13118: found by OSS-Fuzz\n\nMessages\nAvailable for: Apple Watch Series 1 and later\nImpact: Users removed from an iMessage conversation may still be able\nto alter state\nDescription: This issue was addressed with improved checks. \nCVE-2019-8659: Ryan Kontos (@ryanjkontos), Will Christensen of\nUniversity of Oregon\n\nMessages\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may cause an unexpected application\ntermination\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2019-8665: Michael Hernandez of XYZ Marketing\n\nQuick Look\nAvailable for: Apple Watch Series 1 and later\nImpact: An attacker may be able to trigger a use-after-free in an\napplication deserializing an untrusted NSDictionary\nDescription: This issue was addressed with improved checks. \nCVE-2019-8662: Natalie Silvanovich and Samuel Gro\u00df of Google Project\nZero\n\nSiri\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. 
\nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\nUIFoundation\nAvailable for: Apple Watch Series 1 and later\nImpact: Parsing a maliciously crafted office document may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8657: riusksk of VulWar Corp working with Trend Micro\u0027s Zero\nDay Initiative\n\nWallet\nAvailable for: Apple Watch Series 1 and later\nImpact: A user may inadvertently complete an in-app purchase while on\nthe lock screen\nDescription: The issue was addressed with improved UI handling. \nCVE-2019-8682: Jeff Braswell (JeffBraswell.com)\n\nWebKit\nAvailable for: Apple Watch Series 1 and later\nImpact: Processing maliciously crafted web content may lead to\nuniversal cross site scripting\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2019-8658: akayn working with Trend Micro\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: Apple Watch Series 1 and later\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2019-8669: akayn working with Trend Micro\u0027s Zero Day Initiative\nCVE-2019-8672: Samuel Gro\u00df of Google Project Zero\nCVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech\nCVE-2019-8683: lokihardt of Google Project Zero\nCVE-2019-8684: lokihardt of Google Project Zero\nCVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech,\nKen Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL,\nand Eric Lung (@Khlung1) of VXRL\nCVE-2019-8688: Insu Yun of SSLab at Georgia Tech\nCVE-2019-8689: lokihardt of Google Project Zero\n\nAdditional recognition\n\nMobileInstallation\nWe would like to acknowledge Dany Lisiansky (@DanyL931) for their\nassistance. 
\n\nInstallation note:\n\nInstructions on how to update your Apple Watch software are\navailable at https://support.apple.com/kb/HT204641\n\nTo check the version on your Apple Watch, open the Apple Watch app\non your iPhone and select \"My Watch \u003e General \u003e About\". \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\". 7.4) - noarch, x86_64\n\n3. \n\nBug Fix(es):\n\n* Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)\n\n* powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas:\nFix a potential race between CPU-Offline \u0026 Migration (LPM) (BZ#1745436)\n\n* powerpc/pseries: Fix unitialized timer reset on migration /\npowerpc/pseries/mobility: Extend start/stop topology update scope (LPM)\n(BZ#1745438)\n\n* ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM\n(POWER9/P9) (BZ#1745446)\n\n4", "sources": [ { "db": "NVD", "id": "CVE-2019-9506" }, { "db": "CERT/CC", "id": "VU#918987" }, { "db": "JVNDB", "id": "JVNDB-2019-007618" }, { "db": "VULHUB", "id": "VHN-160941" }, { "db": "VULMON", "id": "CVE-2019-9506" }, { "db": "PACKETSTORM", "id": "156058" }, { "db": "PACKETSTORM", "id": "157216" }, { "db": "PACKETSTORM", "id": "155017" }, { "db": "PACKETSTORM", "id": "155004" }, { "db": "PACKETSTORM", "id": "154863" }, { "db": "PACKETSTORM", "id": "154879" }, { "db": "PACKETSTORM", "id": "154936" }, { "db": "PACKETSTORM", "id": "154056" }, { "db": "PACKETSTORM", "id": "154949" } ], "trust": 3.33 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-9506", "trust": 3.5 }, { "db": "CERT/CC", "id": "VU#918987", "trust": 3.4 }, { "db": "PACKETSTORM", "id": "157216", "trust": 0.8 }, { "db": "JVN", "id": "JVNVU90240762", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2019-007618", 
"trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201908-864", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "156058", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.0141", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.1366", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.1189", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.1366.2", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.4346", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.4346.2", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.4676", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.0262", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.3115", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.4252", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2020.1338", "trust": 0.6 }, { "db": "AUSCERT", "id": "ESB-2019.4584", "trust": 0.6 }, { "db": "LENOVO", "id": "LEN-27173", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "155017", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "154949", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "154936", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "155004", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-160941", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-9506", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "154863", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "154879", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "154056", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#918987" }, { "db": "VULHUB", "id": "VHN-160941" }, { "db": "VULMON", "id": "CVE-2019-9506" }, { "db": "JVNDB", "id": "JVNDB-2019-007618" }, { "db": "PACKETSTORM", "id": "156058" }, { "db": "PACKETSTORM", "id": "157216" }, { "db": "PACKETSTORM", "id": "155017" }, { "db": "PACKETSTORM", "id": "155004" }, { "db": "PACKETSTORM", "id": "154863" }, { "db": "PACKETSTORM", "id": "154879" }, { "db": "PACKETSTORM", "id": "154936" }, { "db": "PACKETSTORM", "id": "154056" }, { "db": "PACKETSTORM", "id": "154949" }, { "db": "CNNVD", "id": "CNNVD-201908-864" }, { "db": "NVD", "id": 
"CVE-2019-9506" } ] }, "id": "VAR-201908-1958", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-160941" } ], "trust": 0.6336539925 }, "last_update_date": "2024-11-29T21:02:34.420000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Key Negotiation of Bluetooth", "trust": 0.8, "url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/" }, { "title": "The building blocks of all Bluetooth devices", "trust": 0.8, "url": "https://www.bluetooth.com/specifications/" }, { "title": "Keep up to date with Errata", "trust": 0.8, "url": "https://www.bluetooth.com/specifications/errata/" }, { "title": "Bluetooth Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96553" }, { "title": "The Register", "trust": 0.2, "url": "https://www.theregister.co.uk/2019/08/22/cisco_patch_bundle/" }, { "title": "Red Hat: Important: kernel security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193187 - Security Advisory" }, { "title": "Red Hat: Important: kpatch-patch security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193231 - Security Advisory" }, { "title": "Red Hat: Important: kernel security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20192975 - Security Advisory" }, { "title": "Red Hat: Important: kernel-rt security and bug fix update", "trust": 0.1, "url": 
"https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193165 - Security Advisory" }, { "title": "Red Hat: Important: kernel security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193218 - Security Advisory" }, { "title": "Red Hat: Important: kernel security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20201460 - Security Advisory" }, { "title": "Red Hat: Important: kernel security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193220 - Security Advisory" }, { "title": "Red Hat: Important: kernel-rt security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193089 - Security Advisory" }, { "title": "Red Hat: Important: kernel security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193055 - Security Advisory" }, { "title": "Red Hat: Important: kernel-alt security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193217 - Security Advisory" }, { "title": "Red Hat: Important: kpatch-patch security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193076 - Security Advisory" }, { "title": "Red Hat: CVE-2019-9506", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2019-9506" }, { "title": "Cisco: Key Negotiation of Bluetooth Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20190813-bluetooth" }, { "title": "HP: HPSBPI03634 rev. 
1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03634" }, { "title": "Red Hat: Important: kernel security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20200204 - Security Advisory" }, { "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=814c3d5b0bc03fc1c34e62dbc5cf6bf7" }, { "title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=20bba81176880ee641f9d46354adc125" }, { "title": "Red Hat: Important: kernel security, bug fix, and enhancement update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193517 - Security Advisory" }, { "title": "Huawei Security Advisories: Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=4da976eef66883f5331725800e5cf063" }, { "title": "Red Hat: Important: kernel-rt security and bug fix update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193309 - Security Advisory" }, { "title": "Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4147-1" }, { "title": "Fortinet Security Advisories: CVE-2019-9506 Encryption Key Negotiation of Bluetooth Vulnerability", "trust": 0.1, "url": 
"https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=FG-IR-19-224" }, { "title": "Ubuntu Security Notice: linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 regression", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4115-2" }, { "title": "Ubuntu Security Notice: linux, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4115-1" }, { "title": "Ubuntu Security Notice: linux-aws vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4118-1" }, { "title": "knob", "trust": 0.1, "url": "https://github.com/francozappa/knob " }, { "title": "bluetooth-KNOB", "trust": 0.1, "url": "https://github.com/u10427687/bluetooth-KNOB " }, { "title": "", "trust": 0.1, "url": "https://github.com/makaubenson/Fix-BT-Ubuntu " }, { "title": "broadcom-bt-firmware", "trust": 0.1, "url": "https://github.com/winterheart/broadcom-bt-firmware " }, { "title": "broadcom-bt-firmware", "trust": 0.1, "url": "https://github.com/AlexandrBing/broadcom-bt-firmware " }, { "title": "Protocol-Vul", "trust": 0.1, "url": "https://github.com/WinMin/Protocol-Vul " }, { "title": "awesome-bluetooth-security", "trust": 0.1, "url": "https://github.com/engn33r/awesome-bluetooth-security " }, { "title": "", "trust": 0.1, "url": "https://github.com/JeffroMF/awesome-bluetooth-security321 " }, { "title": "PoC-in-GitHub", "trust": 0.1, "url": "https://github.com/developer3000S/PoC-in-GitHub " }, { "title": "CVE-POC", "trust": 0.1, "url": "https://github.com/0xT11/CVE-POC " }, { "title": "", "trust": 0.1, "url": "https://github.com/vincent-deng/veracode-container-security-finding-parser " }, { "title": "PoC-in-GitHub", "trust": 0.1, "url": 
"https://github.com/hectorgie/PoC-in-GitHub " }, { "title": "PoC-in-GitHub", "trust": 0.1, "url": "https://github.com/nomi-sec/PoC-in-GitHub " }, { "title": "Symantec Threat Intelligence Blog", "trust": 0.1, "url": "https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-august-2019" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/cisco-patches-six-critical-bugs/147585/" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/lenovo-warns-bugs-thinkpads/147338/" }, { "title": "Threatpost", "trust": 0.1, "url": "https://threatpost.com/wormable-remote-desktop-bugs-august-patch-tuesday/147302/" }, { "title": "BleepingComputer", "trust": 0.1, "url": "https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-traffic/" }, { "title": "BleepingComputer", "trust": 0.1, "url": "https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-connections/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2019-9506" }, { "db": "JVNDB", "id": "JVNDB-2019-007618" }, { "db": "CNNVD", "id": "CNNVD-201908-864" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-310", "trust": 1.1 }, { "problemtype": "CWE-327", "trust": 1.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-160941" }, { "db": "NVD", "id": "CVE-2019-9506" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "https://www.kb.cert.org/vuls/id/918987/" }, { "trust": 2.6, "url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli" }, { "trust": 2.5, "url": 
"https://access.redhat.com/errata/rhsa-2020:0204" }, { "trust": 2.0, "url": "https://access.redhat.com/errata/rhsa-2019:3187" }, { "trust": 1.9, "url": "https://access.redhat.com/errata/rhsa-2019:3055" }, { "trust": 1.9, "url": "https://access.redhat.com/errata/rhsa-2019:3089" }, { "trust": 1.9, "url": "https://access.redhat.com/errata/rhsa-2019:3165" }, { "trust": 1.9, "url": "https://access.redhat.com/errata/rhsa-2019:3218" }, { "trust": 1.9, "url": "https://access.redhat.com/errata/rhsa-2019:3231" }, { "trust": 1.8, "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en" }, { "trust": 1.8, "url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/" }, { "trust": 1.8, "url": "http://seclists.org/fulldisclosure/2019/aug/11" }, { "trust": 1.8, "url": "http://seclists.org/fulldisclosure/2019/aug/13" }, { "trust": 1.8, "url": "http://seclists.org/fulldisclosure/2019/aug/14" }, { "trust": 1.8, "url": "http://seclists.org/fulldisclosure/2019/aug/15" }, { "trust": 1.8, "url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html" }, { "trust": 1.8, "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html" }, { "trust": 1.8, "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html" }, { "trust": 1.8, "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html" }, { "trust": 1.8, "url": "https://access.redhat.com/errata/rhsa-2019:2975" }, { "trust": 1.8, "url": "https://access.redhat.com/errata/rhsa-2019:3076" }, { "trust": 1.8, "url": "https://access.redhat.com/errata/rhsa-2019:3217" }, { "trust": 1.8, "url": "https://access.redhat.com/errata/rhsa-2019:3220" }, { "trust": 1.8, "url": "https://access.redhat.com/errata/rhsa-2019:3309" }, { "trust": 1.8, "url": "https://access.redhat.com/errata/rhsa-2019:3517" }, { "trust": 1.8, "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html" }, { "trust": 1.8, "url": 
"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html" }, { "trust": 1.8, "url": "https://usn.ubuntu.com/4115-1/" }, { "trust": 1.8, "url": "https://usn.ubuntu.com/4118-1/" }, { "trust": 1.8, "url": "https://usn.ubuntu.com/4147-1/" }, { "trust": 1.6, "url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth" }, { "trust": 1.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-9506" }, { "trust": 0.9, "url": "https://github.com/francozappa/knob" }, { "trust": 0.8, "url": "https://www.bluetooth.com/specifications/adopted-specifications" }, { "trust": 0.8, "url": "https://www.usenix.org/system/files/sec19-antonioli.pdf" }, { "trust": 0.8, "url": "https://www.icasi.org/br-edr-encryption-key-bluetooth-vulnerability/" }, { "trust": 0.8, "url": "http://support.blackberry.com/kb/articledetail?articlenumber=000057251" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-9506" }, { "trust": 0.8, "url": "https://jvn.jp/vu/jvnvu90240762/" }, { "trust": 0.8, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.8, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.8, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.8, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.8, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.8, "url": "https://access.redhat.com/security/cve/cve-2019-9506" }, { "trust": 0.8, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190813-bluetooth" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193294-1.html" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193295-1.html" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192984-1.html" 
}, { "trust": 0.6, "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00237.html" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193200-1.html" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192953-1.html" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192952-1.html" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192951-1.html" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1.html" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192948-1.html" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192947-1.html" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1.html" }, { "trust": 0.6, "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200093-1.html" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/157216/red-hat-security-advisory-2020-1460-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.1338/" }, { "trust": 0.6, "url": "https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/cve-2019-9506" }, { "trust": 0.6, "url": "https://support.lenovo.com/us/en/product_security/len-27173" }, { "trust": 0.6, "url": "https://support.apple.com/en-us/ht210353" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.4676/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.4346/" }, { "trust": 0.6, "url": "https://support.apple.com/en-us/ht210346" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.4252/" }, { "trust": 0.6, "url": 
"https://www.auscert.org.au/bulletins/esb-2019.4584/" }, { "trust": 0.6, "url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190828-01-knob-cn" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.0141/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.0262/" }, { "trust": 0.6, "url": "https://packetstormsecurity.com/files/156058/red-hat-security-advisory-2020-0204-01.html" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.3115/" }, { "trust": 0.6, "url": "https://vigilance.fr/vulnerability/bluetooth-br-edr-information-disclosure-via-key-negotiation-30041" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2019.4346.2/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.1189/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.1366/" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.1366.2/" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-10126" }, { "trust": 0.3, "url": "https://access.redhat.com/security/cve/cve-2019-10126" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2019-3846" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-20856" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3846" }, { "trust": 0.2, "url": "https://access.redhat.com/security/cve/cve-2018-20856" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/327.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.kb.cert.org/vuls/id/918987" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5489" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0154" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-0154" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12207" }, { "trust": 0.1, "url": 
"https://access.redhat.com/security/cve/cve-2018-16884" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-11135" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-14821" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-0155" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-0155" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14821" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-14901" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-5489" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14816" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14901" }, { "trust": 0.1, "url": "https://access.redhat.com/security/vulnerabilities/ifu-page-mce" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-3900" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2018-12207" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-14816" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11135" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-16884" }, { "trust": 0.1, "url": "https://access.redhat.com/security/cve/cve-2019-3900" }, { "trust": 0.1, "url": "https://access.redhat.com/errata/rhsa-2020:1460" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8659" }, { "trust": 0.1, "url": "https://support.apple.com/kb/ht204641" }, { "trust": 0.1, "url": "https://support.apple.com/kb/ht201222" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-16860" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8669" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8646" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8688" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-13118" }, { 
"trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8672" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8658" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8648" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8641" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8647" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8684" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8683" }, { "trust": 0.1, "url": "https://www.apple.com/support/security/pgp/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8624" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8682" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8665" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8660" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8657" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8689" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8676" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8685" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-8662" } ], "sources": [ { "db": "CERT/CC", "id": "VU#918987" }, { "db": "VULHUB", "id": "VHN-160941" }, { "db": "VULMON", "id": "CVE-2019-9506" }, { "db": "JVNDB", "id": "JVNDB-2019-007618" }, { "db": "PACKETSTORM", "id": "156058" }, { "db": "PACKETSTORM", "id": "157216" }, { "db": "PACKETSTORM", "id": "155017" }, { "db": "PACKETSTORM", "id": "155004" }, { "db": "PACKETSTORM", "id": "154863" }, { "db": "PACKETSTORM", "id": "154879" }, { "db": "PACKETSTORM", "id": "154936" }, { "db": "PACKETSTORM", "id": "154056" }, { "db": "PACKETSTORM", "id": "154949" }, { "db": "CNNVD", "id": "CNNVD-201908-864" }, { "db": "NVD", "id": "CVE-2019-9506" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { 
"@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#918987" }, { "db": "VULHUB", "id": "VHN-160941" }, { "db": "VULMON", "id": "CVE-2019-9506" }, { "db": "JVNDB", "id": "JVNDB-2019-007618" }, { "db": "PACKETSTORM", "id": "156058" }, { "db": "PACKETSTORM", "id": "157216" }, { "db": "PACKETSTORM", "id": "155017" }, { "db": "PACKETSTORM", "id": "155004" }, { "db": "PACKETSTORM", "id": "154863" }, { "db": "PACKETSTORM", "id": "154879" }, { "db": "PACKETSTORM", "id": "154936" }, { "db": "PACKETSTORM", "id": "154056" }, { "db": "PACKETSTORM", "id": "154949" }, { "db": "CNNVD", "id": "CNNVD-201908-864" }, { "db": "NVD", "id": "CVE-2019-9506" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-08-14T00:00:00", "db": "CERT/CC", "id": "VU#918987" }, { "date": "2019-08-14T00:00:00", "db": "VULHUB", "id": "VHN-160941" }, { "date": "2019-08-14T00:00:00", "db": "VULMON", "id": "CVE-2019-9506" }, { "date": "2019-08-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-007618" }, { "date": "2020-01-23T00:26:55", "db": "PACKETSTORM", "id": "156058" }, { "date": "2020-04-14T15:40:41", "db": "PACKETSTORM", "id": "157216" }, { "date": "2019-10-29T14:59:12", "db": "PACKETSTORM", "id": "155017" }, { "date": "2019-10-29T14:48:28", "db": "PACKETSTORM", "id": "155004" }, { "date": "2019-10-15T22:22:11", "db": "PACKETSTORM", "id": "154863" }, { "date": "2019-10-16T15:06:37", "db": "PACKETSTORM", "id": "154879" }, { "date": "2019-10-22T17:27:00", "db": "PACKETSTORM", "id": "154936" }, { "date": "2019-08-14T20:32:22", "db": "PACKETSTORM", "id": "154056" }, { "date": "2019-10-23T18:29:02", "db": "PACKETSTORM", "id": "154949" }, { "date": "2019-08-13T00:00:00", "db": "CNNVD", "id": "CNNVD-201908-864" }, { "date": "2019-08-14T17:15:11.597000", "db": "NVD", "id": "CVE-2019-9506" } ] }, "sources_update_date": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-05-15T00:00:00", "db": "CERT/CC", "id": "VU#918987" }, { "date": "2021-11-04T00:00:00", "db": "VULHUB", "id": "VHN-160941" }, { "date": "2021-11-04T00:00:00", "db": "VULMON", "id": "CVE-2019-9506" }, { "date": "2019-08-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-007618" }, { "date": "2021-11-05T00:00:00", "db": "CNNVD", "id": "CNNVD-201908-864" }, { "date": "2024-11-21T04:51:45.113000", "db": "NVD", "id": "CVE-2019-9506" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote or local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201908-864" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks", "sources": [ { "db": "CERT/CC", "id": "VU#918987" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "encryption problem", "sources": [ { "db": "CNNVD", "id": "CNNVD-201908-864" } ], "trust": 0.6 } }
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.