RHSA-2020:4609
Vulnerability from csaf_redhat - Published: 2020-11-04 01:14 - Updated: 2026-02-25 18:32Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Severity
Moderate
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: use after free due to race condition in the video driver leads to local privilege escalation (CVE-2019-9458)
* kernel: use-after-free in drivers/bluetooth/hci_ldisc.c (CVE-2019-15917)
* kernel: out-of-bounds access in function hclge_tm_schd_mode_vnet_base_cfg (CVE-2019-15925)
* kernel: memory leak in ccp_run_sha_cmd() (CVE-2019-18808)
* kernel: Denial Of Service in the __ipmi_bmc_register() (CVE-2019-19046)
* kernel: out-of-bounds write in ext4_xattr_set_entry in fs/ext4/xattr.c (CVE-2019-19319)
* Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid (CVE-2019-19332)
* kernel: use-after-free in ext4_put_super (CVE-2019-19447)
* kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free (CVE-2019-19524)
* kernel: race condition caused by a malicious USB device in the USB character device driver layer (CVE-2019-19537)
* kernel: use-after-free in serial_ir_init_module() (CVE-2019-19543)
* kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry (CVE-2019-19767)
* kernel: use-after-free in debugfs_remove (CVE-2019-19770)
* kernel: out-of-bounds write via crafted keycode table (CVE-2019-20636)
* kernel: possible use-after-free due to a race condition in cdev_get of char_dev.c (CVE-2020-0305)
* kernel: out-of-bounds read in in vc_do_resize (CVE-2020-8647)
* kernel: use-after-free in n_tty_receive_buf_common (CVE-2020-8648)
* kernel: invalid read location in vgacon_invert_region (CVE-2020-8649)
* kernel: uninitialized kernel data leak in userspace coredumps (CVE-2020-10732)
* kernel: SELinux netlink permission check bypass (CVE-2020-10751)
* kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c (CVE-2020-11565)
* kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c (CVE-2020-11668)
* kernel: out-of-bounds write in xdp_umem_reg (CVE-2020-12659)
* kernel: sg_write function lacks an sg_remove_request call in a certain failure case (CVE-2020-12770)
* kernel: possible to send arbitrary signals to a privileged (suidroot) parent process (CVE-2020-12826)
* kernel: referencing inode of removed superblock in get_futex_key() causes UAF (CVE-2020-14381)
* kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in DoS (CVE-2020-25641)
* kernel: kernel pointer leak due to WARN_ON statement in video driver leads to local information disclosure (CVE-2019-9455)
* kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c (CVE-2019-16231)
* kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c (CVE-2019-16233)
* kernel: memory leak in af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c (CVE-2019-18809)
* kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() (CVE-2019-19056)
* kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS (CVE-2019-19062)
* kernel: Two memory leaks in the rtl_usb_probe() (CVE-2019-19063)
* kernel: A memory leak in the rtl8xxxu_submit_int_urb() (CVE-2019-19068)
* kernel: A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c allows for a DoS (CVE-2019-19072)
* kernel: information leak bug caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c (CVE-2019-19533)
* kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c (CVE-2019-20054)
* kernel: possibility of memory disclosure when reading the file /proc/sys/kernel/rh_features (CVE-2020-10774)
* kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field (CVE-2020-10942)
* kernel: sync of excessive duration via an XFS v5 image with crafted metadata (CVE-2020-12655)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the Linux kernel's video driver. A kernel pointer lead, due to a WARN_ON statement could lead to a local information disclosure with system execution privileges. User interaction is not needed for exploitation. The highest threat from this vulnerability is to data confidentiality.
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel's video driver. A race condition, leading to a use-after-free, could lead to a local privilege escalation. User interaction is not needed for exploitation.
7.0 (High)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
To mitigate this issue, prevent modules v4l2-common, v4l2-dv-timings from being loaded if not being used for primary display. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
A flaw was found in the Linux kernel's implementation of the HCI UART driver. A local attacker with access permissions to the Bluetooth device can issue an ioctl, which triggers the hci_uart_set_proto() function in drivers/bluetooth/hci_ldisc.c. The flaw in this function can cause memory corruption or a denial of service because of a use-after-free issue when the hci_uart_register_dev() fails.
7.0 (High)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
To mitigate this issue, prevent module hci_uart from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
An out-of-bounds access flaw was found in the hclge_shaper_para_calc driver in the Linux kernel. Access to an array with an index higher than its maximum index will lead to an out-of-bounds access vulnerability. This could affect both data confidentiality and integrity as well as system availability.
7.8 (High)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Blacklisting the affected HCLGE driver module until a patch is available can be done using the blacklist mechanism. This will ensure the driver is not loaded at boot time. For instructions on how to black list a kernel module, please read: https://access.redhat.com/solutions/41278.
A flaw was found in the Linux kernel. A NULL pointer dereference flaw was found in the FUJITSU Extended Socket Network driver. A call to the alloc_workqueue return was not validated and causes a denial of service at the time of failure. The highest threat from this vulnerability is to system availability.
4.1 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel. A NULL pointer dereference flaw was found in the QLOGIC drivers for HBA. A call to alloc_workqueue return was not validated and can cause a denial of service. The highest threat from this vulnerability is to system availability.
4.1 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability.
5.5 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module ccp. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278
A flaw was found in the Afatech 9005 DVB-T receiver driver in the Linux kernel. An attacker, with physical access to the system, could cause the system to crash following a resource cleanup. The highest threat from this vulnerability is to system availability.
4.6 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module dvb-usb-af9005. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278
A memory leak problem was found in __ipmi_bmc_register in drivers/char/ipmi/ipmi_msghandler.c in Intelligent Platform Management Interface (IPMI) which is used for incoming and outgoing message routing purpose. This flaw may allow an attacker with minimal privilege to cause a denial of service by triggering ida_simple_get() failure.
6.5 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the way the mwifiex PCIE driver in the Linux kernel handled resource cleanup on a DMA mapping error. This flaw allows an attacker able to trigger the DMA mapping error to crash the system.
4.7 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module mwifiex_pcie. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .
A flaw was found in the Linux kernel. The crypto_report function mishandles resource cleanup on error. A local attacker able to induce the error conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.
4.7 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module crypto_user. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .
A flaw was found in the Linux kernel. The rtl_usb_probe function mishandles resource cleanup on error. An attacker able to induce the error conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.
4.6 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module rtl8192cu. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .
A flaw was found in the Linux kernel. A memory leak in the realtek driver allows an attacker to cause a denial of service through memory consumption. The highest threat from this vulnerability is to system availability.
4.6 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module rtl8xxxu. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .
A flaw was found in the way the predicate_parse function in the tracing subsystem of the Linux kernel handled resource cleanup on error. This flaw allows an attacker with the ability to produce the error to crash the system.
4.4 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
An out-of-bounds write flaw was found in the Linux kernel’s Ext4 FileSystem in the way it uses a crafted ext4 image. This flaw allows a local user with physical access to crash the system or potentially escalate their privileges on the system.
7.8 (High)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
An out-of-bounds memory write issue was found in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.
6.1 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
A flaw was found in the Linux kernel's ext4_unlink function. An attacker could corrupt memory or escalate privileges when deleting a file from a recently unmounted specially crafted ext4 filesystem, including local, USB, and iSCSI.
7.8 (High)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Ext4 filesytems are built into the kernel so it is not possible to prevent the kernel module from loading. However, this flaw can be prevented by disallowing mounting of untrusted filesystems.
As mounting is a privileged operation, (except for device hotplug) removing the ability for mounting and unmounting will prevent this flaw from being exploited.
A use-after-free flaw was found in the Linux kernel’s input device driver functionality when unplugging a device. A user with physical access could use this flaw to crash the system.
4.6 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
To mitigate this issue for the Red Hat Enterprise Linux 7 or higher version, prevent module ff-memless from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.
An information leak flaw was found in the Linux kernel's USB digital video device driver. An attacker with a malicious USB device presenting itself as a 'Technotrend/Hauppauge USB DEC' device is able to issue commands to this specific device and leak kernel internal memory information. The highest threat from this vulnerability is a breach of data confidentiality.
CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
As the ttusb_dec module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:
# echo "install ttusb_dec /bin/true" >> /etc/modprobe.d/disable-cifs.conf
The system will need to be restarted if the ttusb_dec module is already loaded. In most circumstances, the CIFS kernel module will be unable to be unloaded while the device is in use. If the system requires this module to work correctly, this mitigation may not be suitable. If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.
A flaw was found in the Linux kernel, where there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer. An attacker who can hotplug at least two devices of this class can cause a use-after-free situation.
4.2 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Many Character devices can trigger this flaw as they leverage the lower levels of the USB subsystem.
The safest method that I have found would be to disable USB ports that are able to be attacked
using this method, disable them first by disallowing them from waking up from low-power states
with the command (Replace X with the port number available).
echo disabled >> /sys/bus/usb/devices/usbX/power/wakeup
The system must also disable the specific ports power after with the command:
echo suspend | sudo tee /sys/bus/usb/devices/usbX/power/level
This change not persist through system reboots and must be applied at each reboot to be effective.
A flaw was found in the Linux kernel’s infrared serial module. An attacker could use this flaw to corrupt memory and possibly escalate privileges.
6.7 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
As the module will be auto-loaded when the relevant hardware is required, its use can be disabled by preventing the module from loading with the following instructions:
# echo "install serial_ir /bin/true" >> /etc/modprobe.d/disable-serial-ir.conf
The system will need to be restarted if the CIFS modules are loaded. In most circumstances, the CIFS kernel modules will be unable to be unloaded while any network interfaces are active and the protocol is in use.
If the system requires this module to work correctly, this mitigation may not be suitable.
If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.
A use-after-free flaw was found in the Linux kernel’s ext4 file system functionality when the user mount ext4 partition, with the usage of an additional debug parameter is defining an extra inode size. If this parameter has a non zero value, this flaw allows a local user to crash the system when inode expansion happens.
5.5 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
The mitigation is not to use debug_want_extra_isize parameter when mounting ext4 FS.
A use-after-free flaw was found in the debugfs_remove function in the Linux kernel. The flaw could allow a local attacker with special user (or root) privilege to crash the system at the time of file or directory removal. This vulnerability can lead to a kernel information leak. The highest threat from this vulnerability is to system availability.
5.1 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel’s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system.
5.1 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
An out-of-bounds write flaw was found in the Linux kernel. A crafted keycode table could be used by drivers/input/input.c to perform the out-of-bounds write. A local user with root access can insert garbage to this keycode table that can lead to out-of-bounds memory access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
6.7 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A use-after-free flaw was found in the way the Linux kernel's filesystem subsystem handled a race condition in the chrdev_open function. This flaw allows a privileged local user to starve the resources, causing a denial of service or potentially escalating their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
6.4 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel’s virtual console resize functionality. An attacker with local access to virtual consoles can use the virtual console resizing code to gather kernel internal data structures.
6.1 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
The attack vector can be significantly reduced by preventing users from being able to log into the local virtual console.
See the instructions on disabling local login here: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/managing_smart_cards/pam_configuration_files , See the section on "pam_console" to deny users logging into the console. This mechanism should work from el6 forward to current versions of Red Hat Enterprise Linux.
A use-after-free flaw was found in the Linux kernel console driver when using the copy-paste buffer. This flaw allows a local user to crash the system.
7.1 (High)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console. An out-of-bounds read can occur, leaking information to the console.
5.9 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel’s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.
CWE-908 - Use of Uninitialized Resource
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Possible mitigation would be to disable core dumps system-wide by setting:
* hard core 0
In the /etc/security/limits.conf file and restarting applications/services/processes which users may have access to or simply reboot the system. This disables core dumps which may not be a suitable workaround in your environment.
A flaw was found in the Linux kernel’s SELinux LSM hook implementation, where it anticipated the skb would only contain a single Netlink message. The hook incorrectly validated the first Netlink message in the skb only, to allow or deny the rest of the messages within the skb with the granted permissions and without further processing. At this time, there is no known ability for an attacker to abuse this flaw.
6.1 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw memory disclosure flaw was found in the Linux kernel’s sysctl subsystem in reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.
5.5 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A stack buffer overflow issue was found in the get_raw_socket() routine of the Host kernel accelerator for virtio net (vhost-net) driver. It could occur while doing an ictol(VHOST_NET_SET_BACKEND) call, and retrieving socket name in a kernel stack variable via get_raw_socket(). A user able to perform ioctl(2) calls on the '/dev/vhost-net' device may use this flaw to crash the kernel resulting in DoS issue.
5.3 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
An out-of-bounds write flaw was found in the Linux kernel. An empty nodelist in mempolicy.c is mishandled durig mount option parsing leading to a stack-based out-of-bounds write. The highest threat from this vulnerability is to system availability.
6.0 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A NULL pointer dereference flaw was found in the Xirlink camera USB driver 'xirlink-cit' in the Linux kernel. The driver mishandles invalid descriptors leading to a denial-of-service (DoS). This could allow a local attacker with user privilege to crash the system or leak kernel internal information.
7.1 (High)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is to skip loading the affected module 'xirlink-cit' onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.
~~~
How do I blacklist a kernel module to prevent it from loading automatically?
https://access.redhat.com/solutions/41278
~~~
A flaw was discovered in the XFS source in the Linux kernel. This flaw allows an attacker with the ability to mount an XFS filesystem, to trigger a denial of service while attempting to sync a file located on an XFS v5 image with crafted metadata.
5.5 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
This flaw requires an attacker being able to have the system mount a crafted filesystem.
If the xfs filesystem is not in use, the 'xfs' kernel module can be blacklisted and the module
will not be loaded when the filesystem is mounted, mounting will fail.
However, if this filesystem is in use, this workaround will not be suitable.
To find out how to blacklist the "xfs" kernel module please see https://access.redhat.com/solutions/41278 or contact Red hat Global Support services
An out-of-bounds (OOB) memory access flaw was found in the Network XDP (the eXpress Data Path) module in the Linux kernel's xdp_umem_reg function in net/xdp/xdp_umem.c. When a user with special user privilege of CAP_NET_ADMIN (or root) calls setsockopt to register umem ring on XDP socket, passing the headroom value larger than the available space in the chunk, it leads to an out-of-bounds write, causing panic or possible memory corruption. This flaw may lead to privilege escalation if a local end-user is granted permission to influence the execution of code in this manner.
6.7 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A vulnerability was found in sg_write in drivers/scsi/sg.c in the SCSI generic (sg) driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid (Sg_fd * sfp) pointer at the time of failure, also possibly causing a kernel internal information leak problem.
6.7 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel loose validation of child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process.
5.3 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
6.7 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel’s implementation of biovecs. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
5.5 (Medium)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
7.8 (High)
Vendor Fix
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2020:4609
Workaround
In order to mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the kernel module cls_route.ko. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278.
Alternatively, if cls_route is being used, on Red Hat Enterprise Linux 8, you can disable unprivileged user namespaces by setting user.max_user_namespaces to 0:
# echo "user.max_user_namespaces=0" > /etc/sysctl.d/userns.conf
# sysctl -p /etc/sysctl.d/userns.conf
References
Acknowledgments
Adam Zabrocki
Netezza Support
Rakesh Rakesh
Zhenpeng Lin
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: use after free due to race condition in the video driver leads to local privilege escalation (CVE-2019-9458)\n\n* kernel: use-after-free in drivers/bluetooth/hci_ldisc.c (CVE-2019-15917)\n\n* kernel: out-of-bounds access in function hclge_tm_schd_mode_vnet_base_cfg (CVE-2019-15925)\n\n* kernel: memory leak in ccp_run_sha_cmd() (CVE-2019-18808)\n\n* kernel: Denial Of Service in the __ipmi_bmc_register() (CVE-2019-19046)\n\n* kernel: out-of-bounds write in ext4_xattr_set_entry in fs/ext4/xattr.c (CVE-2019-19319)\n\n* Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid (CVE-2019-19332)\n\n* kernel: use-after-free in ext4_put_super (CVE-2019-19447)\n\n* kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free (CVE-2019-19524)\n\n* kernel: race condition caused by a malicious USB device in the USB character device driver layer (CVE-2019-19537)\n\n* kernel: use-after-free in serial_ir_init_module() (CVE-2019-19543)\n\n* kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry (CVE-2019-19767)\n\n* kernel: use-after-free in debugfs_remove (CVE-2019-19770)\n\n* kernel: out-of-bounds write via crafted keycode table (CVE-2019-20636)\n\n* kernel: possible use-after-free due to a race condition in cdev_get of char_dev.c (CVE-2020-0305)\n\n* kernel: out-of-bounds read in in vc_do_resize (CVE-2020-8647)\n\n* kernel: use-after-free in n_tty_receive_buf_common (CVE-2020-8648)\n\n* kernel: invalid read location in vgacon_invert_region (CVE-2020-8649)\n\n* kernel: uninitialized kernel data leak in userspace coredumps (CVE-2020-10732)\n\n* kernel: SELinux netlink permission check bypass (CVE-2020-10751)\n\n* kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c (CVE-2020-11565)\n\n* kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c (CVE-2020-11668)\n\n* kernel: out-of-bounds write in xdp_umem_reg (CVE-2020-12659)\n\n* kernel: sg_write function lacks an sg_remove_request call in a certain failure case (CVE-2020-12770)\n\n* kernel: possible to send arbitrary signals to a privileged (suidroot) parent process (CVE-2020-12826)\n\n* kernel: referencing inode of removed superblock in get_futex_key() causes UAF (CVE-2020-14381)\n\n* kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in DoS (CVE-2020-25641)\n\n* kernel: kernel pointer leak due to WARN_ON statement in video driver leads to local information disclosure (CVE-2019-9455)\n\n* kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c (CVE-2019-16231)\n\n* kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c (CVE-2019-16233)\n\n* kernel: memory leak in af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c (CVE-2019-18809)\n\n* kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() (CVE-2019-19056)\n\n* kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS (CVE-2019-19062)\n\n* kernel: Two memory leaks in the rtl_usb_probe() (CVE-2019-19063)\n\n* kernel: A memory leak in the rtl8xxxu_submit_int_urb() (CVE-2019-19068)\n\n* kernel: A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c allows for a DoS (CVE-2019-19072)\n\n* kernel: information leak bug caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c (CVE-2019-19533)\n\n* kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c (CVE-2019-20054)\n\n* kernel: possibility of memory disclosure when reading the file /proc/sys/kernel/rh_features (CVE-2020-10774)\n\n* kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field (CVE-2020-10942)\n\n* kernel: sync of excessive duration via an XFS v5 image with crafted metadata (CVE-2020-12655)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4609",
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/index"
},
{
"category": "external",
"summary": "1733495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733495"
},
{
"category": "external",
"summary": "1759052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1759052"
},
{
"category": "external",
"summary": "1760100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760100"
},
{
"category": "external",
"summary": "1760310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760310"
},
{
"category": "external",
"summary": "1760420",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760420"
},
{
"category": "external",
"summary": "1774946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774946"
},
{
"category": "external",
"summary": "1774963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774963"
},
{
"category": "external",
"summary": "1774988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774988"
},
{
"category": "external",
"summary": "1775015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775015"
},
{
"category": "external",
"summary": "1775021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775021"
},
{
"category": "external",
"summary": "1775097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775097"
},
{
"category": "external",
"summary": "1777418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777418"
},
{
"category": "external",
"summary": "1777449",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777449"
},
{
"category": "external",
"summary": "1779046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1779046"
},
{
"category": "external",
"summary": "1779594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1779594"
},
{
"category": "external",
"summary": "1781679",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781679"
},
{
"category": "external",
"summary": "1781810",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781810"
},
{
"category": "external",
"summary": "1783459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783459"
},
{
"category": "external",
"summary": "1783534",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783534"
},
{
"category": "external",
"summary": "1783561",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783561"
},
{
"category": "external",
"summary": "1784130",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1784130"
},
{
"category": "external",
"summary": "1786160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1786160"
},
{
"category": "external",
"summary": "1786179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1786179"
},
{
"category": "external",
"summary": "1790063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790063"
},
{
"category": "external",
"summary": "1802555",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802555"
},
{
"category": "external",
"summary": "1802559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802559"
},
{
"category": "external",
"summary": "1802563",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802563"
},
{
"category": "external",
"summary": "1817718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817718"
},
{
"category": "external",
"summary": "1819377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819377"
},
{
"category": "external",
"summary": "1819399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819399"
},
{
"category": "external",
"summary": "1822077",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1822077"
},
{
"category": "external",
"summary": "1824059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824059"
},
{
"category": "external",
"summary": "1824792",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824792"
},
{
"category": "external",
"summary": "1824918",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824918"
},
{
"category": "external",
"summary": "1831399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831399"
},
{
"category": "external",
"summary": "1832543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832543"
},
{
"category": "external",
"summary": "1832876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832876"
},
{
"category": "external",
"summary": "1833196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1833196"
},
{
"category": "external",
"summary": "1834845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834845"
},
{
"category": "external",
"summary": "1839634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1839634"
},
{
"category": "external",
"summary": "1843410",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843410"
},
{
"category": "external",
"summary": "1846964",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846964"
},
{
"category": "external",
"summary": "1852298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1852298"
},
{
"category": "external",
"summary": "1859590",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1859590"
},
{
"category": "external",
"summary": "1860065",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860065"
},
{
"category": "external",
"summary": "1874311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874311"
},
{
"category": "external",
"summary": "1881424",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881424"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4609.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2026-02-25T18:32:10+00:00",
"generator": {
"date": "2026-02-25T18:32:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2020:4609",
"initial_release_date": "2020-11-04T01:14:17+00:00",
"revision_history": [
{
"date": "2020-11-04T01:14:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-04T01:14:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-25T18:32:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::nfv"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Real Time (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::realtime"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"product": {
"name": "kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"product_id": "kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-240.rt7.54.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"product": {
"name": "kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"product_id": "kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@4.18.0-240.rt7.54.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-240.rt7.54.el8.src as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src"
},
"product_reference": "kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)",
"product_id": "NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "NFV-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-240.rt7.54.el8.src as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src"
},
"product_reference": "kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)",
"product_id": "RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
},
"product_reference": "kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"relates_to_product_reference": "RT-8.3.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-9455",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-09-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1819399"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s video driver. A kernel pointer lead, due to a WARN_ON statement could lead to a local information disclosure with system execution privileges. User interaction is not needed for exploitation. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: kernel pointer leak due to WARN_ON statement in video driver leads to local information disclosure",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is marked as having Low impact because the information leak is very subtle and can be only used to break KASLR and not provide access to kernel memory content.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9455"
},
{
"category": "external",
"summary": "RHBZ#1819399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819399"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9455",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9455"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9455",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9455"
}
],
"release_date": "2019-09-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: kernel pointer leak due to WARN_ON statement in video driver leads to local information disclosure"
},
{
"cve": "CVE-2019-9458",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-09-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1819377"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s video driver. A race condition, leading to a use-after-free, could lead to a local privilege escalation. User interaction is not needed for exploitation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use after free due to race condition in the video driver leads to local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact, because of the need of additional privileges (usually local console user) to access the video device driver.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9458"
},
{
"category": "external",
"summary": "RHBZ#1819377",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819377"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9458",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9458"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9458",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9458"
}
],
"release_date": "2019-09-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent modules v4l2-common, v4l2-dv-timings from being loaded if not being used for primary display. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use after free due to race condition in the video driver leads to local privilege escalation"
},
{
"cve": "CVE-2019-15917",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1760100"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s implementation of the HCI UART driver. A local attacker with access permissions to the Bluetooth device can issue an ioctl, which triggers the hci_uart_set_proto() function in drivers/bluetooth/hci_ldisc.c. The flaw in this function can cause memory corruption or a denial of service because of a use-after-free issue when the hci_uart_register_dev() fails.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in drivers/bluetooth/hci_ldisc.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as a Moderate as it requires the local attacker to have permissions to issue ioctl commands to the bluetooth device and bluetooth hardware to be present.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-15917"
},
{
"category": "external",
"summary": "RHBZ#1760100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760100"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-15917",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15917"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15917",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15917"
}
],
"release_date": "2019-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "To mitigate this issue, prevent module hci_uart from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in drivers/bluetooth/hci_ldisc.c"
},
{
"cve": "CVE-2019-15925",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2019-09-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1759052"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds access flaw was found in the hclge_shaper_para_calc driver in the Linux kernel. Access to an array with an index higher than its maximum index will lead to an out-of-bounds access vulnerability. This could affect both data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds access in function hclge_tm_schd_mode_vnet_base_cfg",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-15925"
},
{
"category": "external",
"summary": "RHBZ#1759052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1759052"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-15925",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15925"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15925",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15925"
}
],
"release_date": "2019-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Blacklisting the affected HCLGE driver module until a patch is available can be done using the blacklist mechanism. This will ensure the driver is not loaded at boot time. For instructions on how to black list a kernel module, please read: https://access.redhat.com/solutions/41278.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds access in function hclge_tm_schd_mode_vnet_base_cfg"
},
{
"cve": "CVE-2019-16231",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2019-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1760310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. A NULL pointer dereference flaw was found in the FUJITSU Extended Socket Network driver. A call to the alloc_workqueue return was not validated and causes a denial of service at the time of failure. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16231"
},
{
"category": "external",
"summary": "RHBZ#1760310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16231"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16231",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16231"
},
{
"category": "external",
"summary": "https://lkml.org/lkml/2019/9/9/487",
"url": "https://lkml.org/lkml/2019/9/9/487"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20191004-0001/",
"url": "https://security.netapp.com/advisory/ntap-20191004-0001/"
}
],
"release_date": "2019-09-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: null-pointer dereference in drivers/net/fjes/fjes_main.c"
},
{
"cve": "CVE-2019-16233",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2019-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1760420"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. A NULL pointer dereference flaw was found in the QLOGIC drivers for HBA. A call to alloc_workqueue return was not validated and can cause a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16233"
},
{
"category": "external",
"summary": "RHBZ#1760420",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760420"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16233",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16233"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16233",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16233"
},
{
"category": "external",
"summary": "https://lkml.org/lkml/2019/9/9/487",
"url": "https://lkml.org/lkml/2019/9/9/487"
}
],
"release_date": "2019-09-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: null pointer dereference in drivers/scsi/qla2xxx/qla_os.c"
},
{
"cve": "CVE-2019-18808",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1777418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the AMD Cryptographic Co-processor driver in the Linux kernel. An attacker, able to send invalid SHA type commands, could cause the system to crash. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact because it affects only specific hardware enabled systems.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-18808"
},
{
"category": "external",
"summary": "RHBZ#1777418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-18808",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18808"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-18808",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18808"
}
],
"release_date": "2019-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module ccp. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: memory leak in ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c"
},
{
"cve": "CVE-2019-18809",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1777449"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Afatech 9005 DVB-T receiver driver in the Linux kernel. An attacker, with physical access to the system, could cause the system to crash following a resource cleanup. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memory leak in af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-18809"
},
{
"category": "external",
"summary": "RHBZ#1777449",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1777449"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-18809",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18809"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-18809",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18809"
}
],
"release_date": "2019-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module dvb-usb-af9005. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: memory leak in af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c"
},
{
"cve": "CVE-2019-19046",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1774988"
}
],
"notes": [
{
"category": "description",
"text": "A memory leak problem was found in __ipmi_bmc_register in drivers/char/ipmi/ipmi_msghandler.c in Intelligent Platform Management Interface (IPMI) which is used for incoming and outgoing message routing purpose. This flaw may allow an attacker with minimal privilege to cause a denial of service by triggering ida_simple_get() failure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19046"
},
{
"category": "external",
"summary": "RHBZ#1774988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19046",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19046"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19046",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19046"
}
],
"release_date": "2019-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Denial Of Service in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c"
},
{
"cve": "CVE-2019-19056",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-11-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1775097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the mwifiex PCIE driver in the Linux kernel handled resource cleanup on a DMA mapping error. This flaw allows an attacker able to trigger the DMA mapping error to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows to cause DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Low impact because of the preconditions needed to trigger the resource cleanup code path (DMA mapping error).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19056"
},
{
"category": "external",
"summary": "RHBZ#1775097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19056",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19056"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19056",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19056"
}
],
"release_date": "2019-10-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module mwifiex_pcie. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows to cause DoS"
},
{
"cve": "CVE-2019-19062",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1775021"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. The crypto_report function mishandles resource cleanup on error. A local attacker able to induce the error conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Low impact because of the preconditions needed to trigger the error cleanup code path.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19062"
},
{
"category": "external",
"summary": "RHBZ#1775021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775021"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19062",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19062"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19062",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19062"
}
],
"release_date": "2019-11-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module crypto_user. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for DoS"
},
{
"cve": "CVE-2019-19063",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1775015"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. The rtl_usb_probe function mishandles resource cleanup on error. An attacker able to induce the error conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Low impact because of the preconditions needed to trigger the resource cleanup code path (physical access).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19063"
},
{
"category": "external",
"summary": "RHBZ#1775015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1775015"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19063",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19063"
}
],
"release_date": "2019-11-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module rtl8192cu. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS"
},
{
"cve": "CVE-2019-19068",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1774963"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. A memory leak in the realtek driver allows an attacker to cause a denial of service through memory consumption. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c allows for a DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Low impact because of the preconditions needed to trigger the error/resource cleanup code path (physical access and/or system-wide out-of-memory condition).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19068"
},
{
"category": "external",
"summary": "RHBZ#1774963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774963"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19068",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19068"
}
],
"release_date": "2019-11-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module rtl8xxxu. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c allows for a DoS"
},
{
"cve": "CVE-2019-19072",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-11-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1774946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the predicate_parse function in the tracing subsystem of the Linux kernel handled resource cleanup on error. This flaw allows an attacker with the ability to produce the error to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c allows for a DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Low impact because of the preconditions needed to trigger the error/resource cleanup code path (high privileges).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19072"
},
{
"category": "external",
"summary": "RHBZ#1774946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1774946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19072",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19072"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19072",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19072"
}
],
"release_date": "2019-11-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c allows for a DoS"
},
{
"cve": "CVE-2019-19319",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2019-12-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1784130"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write flaw was found in the Linux kernel\u2019s Ext4 FileSystem in the way it uses a crafted ext4 image. This flaw allows a local user with physical access to crash the system or potentially escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds write in ext4_xattr_set_entry in fs/ext4/xattr.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact because of the preconditions needed to trigger the issue (physical access or user interaction to mount the crafted filesystem image).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19319"
},
{
"category": "external",
"summary": "RHBZ#1784130",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1784130"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19319",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19319"
}
],
"release_date": "2019-11-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds write in ext4_xattr_set_entry in fs/ext4/xattr.c"
},
{
"cve": "CVE-2019-19332",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2019-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1779594"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds memory write issue was found in the way the Linux kernel\u0027s KVM hypervisor handled the \u0027KVM_GET_EMULATED_CPUID\u0027 ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the \u0027/dev/kvm\u0027 device could use this flaw to crash the system, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2.\n\nThis issue affects the version of the kernel package as shipped with Red Hat Enterprise Linux 7 and 8. Future kernel updates for Red Hat Enterprise Linux 7 and 8 may address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19332"
},
{
"category": "external",
"summary": "RHBZ#1779594",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1779594"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19332",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19332"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19332",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19332"
},
{
"category": "external",
"summary": "https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50@google.com/",
"url": "https://lore.kernel.org/kvm/000000000000ea5ec20598d90e50@google.com/"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2019/12/16/1",
"url": "https://www.openwall.com/lists/oss-security/2019/12/16/1"
}
],
"release_date": "2019-12-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Kernel: kvm: OOB memory write via kvm_dev_ioctl_get_cpuid"
},
{
"cve": "CVE-2019-19447",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1781679"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u0027s ext4_unlink function. An attacker could corrupt memory or escalate privileges when deleting a file from a recently unmounted specially crafted ext4 filesystem, including local, USB, and iSCSI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19447"
},
{
"category": "external",
"summary": "RHBZ#1781679",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781679"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19447",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19447"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19447",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19447"
},
{
"category": "external",
"summary": "https://bugzilla.kernel.org/show_bug.cgi?id=205433",
"url": "https://bugzilla.kernel.org/show_bug.cgi?id=205433"
},
{
"category": "external",
"summary": "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447",
"url": "https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447"
}
],
"release_date": "2019-12-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Ext4 filesytems are built into the kernel so it is not possible to prevent the kernel module from loading. However, this flaw can be prevented by disallowing mounting of untrusted filesystems.\n\nAs mounting is a privileged operation, (except for device hotplug) removing the ability for mounting and unmounting will prevent this flaw from being exploited.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c"
},
{
"cve": "CVE-2019-19524",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-12-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1783459"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s input device driver functionality when unplugging a device. A user with physical access could use this flaw to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19524"
},
{
"category": "external",
"summary": "RHBZ#1783459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19524",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19524"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19524",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19524"
}
],
"release_date": "2019-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "To mitigate this issue for the Red Hat Enterprise Linux 7 or higher version, prevent module ff-memless from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: a malicious USB device in the drivers/input/ff-memless.c leads to use-after-free"
},
{
"cve": "CVE-2019-19533",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-12-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1783534"
}
],
"notes": [
{
"category": "description",
"text": "An information leak flaw was found in the Linux kernel\u0027s USB digital video device driver. An attacker with a malicious USB device presenting itself as a \u0027Technotrend/Hauppauge USB DEC\u0027 device is able to issue commands to this specific device and leak kernel internal memory information. The highest threat from this vulnerability is a breach of data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: information leak bug caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19533"
},
{
"category": "external",
"summary": "RHBZ#1783534",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783534"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19533",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19533"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19533",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19533"
}
],
"release_date": "2019-08-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "As the ttusb_dec module will be auto-loaded when required, its use can be disabled by preventing the module from loading with the following instructions:\n\n# echo \"install ttusb_dec /bin/true\" \u003e\u003e /etc/modprobe.d/disable-cifs.conf \n \nThe system will need to be restarted if the ttusb_dec module is already loaded. In most circumstances, the CIFS kernel module will be unable to be unloaded while the device is in use. If the system requires this module to work correctly, this mitigation may not be suitable. If you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: information leak bug caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c"
},
{
"cve": "CVE-2019-19537",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2019-12-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1783561"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel, where there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer. An attacker who can hotplug at least two devices of this class can cause a use-after-free situation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: race condition caused by a malicious USB device in the USB character device driver layer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19537"
},
{
"category": "external",
"summary": "RHBZ#1783561",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783561"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19537",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19537"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19537",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19537"
}
],
"release_date": "2019-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Many Character devices can trigger this flaw as they leverage the lower levels of the USB subsystem.\n\nThe safest method that I have found would be to disable USB ports that are able to be attacked\nusing this method, disable them first by disallowing them from waking up from low-power states \nwith the command (Replace X with the port number available).\n\necho disabled \u003e\u003e /sys/bus/usb/devices/usbX/power/wakeup \n\nThe system must also disable the specific ports power after with the command:\n\necho suspend | sudo tee /sys/bus/usb/devices/usbX/power/level\n\nThis change not persist through system reboots and must be applied at each reboot to be effective.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: race condition caused by a malicious USB device in the USB character device driver layer"
},
{
"cve": "CVE-2019-19543",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-12-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1781810"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s infrared serial module. An attacker could use this flaw to corrupt memory and possibly escalate privileges.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19543"
},
{
"category": "external",
"summary": "RHBZ#1781810",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1781810"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19543",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19543"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19543",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19543"
}
],
"release_date": "2019-03-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "As the module will be auto-loaded when the relevant hardware is required, its use can be disabled by preventing the module from loading with the following instructions:\n\n# echo \"install serial_ir /bin/true\" \u003e\u003e /etc/modprobe.d/disable-serial-ir.conf \n \nThe system will need to be restarted if the CIFS modules are loaded. In most circumstances, the CIFS kernel modules will be unable to be unloaded while any network interfaces are active and the protocol is in use.\n\nIf the system requires this module to work correctly, this mitigation may not be suitable.\n\nIf you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c"
},
{
"cve": "CVE-2019-19767",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1786160"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel\u2019s ext4 file system functionality when the user mount ext4 partition, with the usage of an additional debug parameter is defining an extra inode size. If this parameter has a non zero value, this flaw allows a local user to crash the system when inode expansion happens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19767"
},
{
"category": "external",
"summary": "RHBZ#1786160",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1786160"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19767",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19767"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19767",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19767"
}
],
"release_date": "2019-11-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "The mitigation is not to use debug_want_extra_isize parameter when mounting ext4 FS.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in __ext4_expand_extra_isize and ext4_xattr_set_entry related to fs/ext4/inode.c and fs/ext4/super.c"
},
{
"cve": "CVE-2019-19770",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2019-12-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1786179"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the debugfs_remove function in the Linux kernel. The flaw could allow a local attacker with special user (or root) privilege to crash the system at the time of file or directory removal. This vulnerability can lead to a kernel information leak. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in debugfs_remove in fs/debugfs/inode.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-19770"
},
{
"category": "external",
"summary": "RHBZ#1786179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1786179"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-19770",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19770"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-19770",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19770"
}
],
"release_date": "2019-11-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in debugfs_remove in fs/debugfs/inode.c"
},
{
"cve": "CVE-2019-20054",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2019-12-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1790063"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s implementation of dropping sysctl entries. A local attacker who has access to load modules on the system can trigger a condition during module load failure and panic the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20054"
},
{
"category": "external",
"summary": "RHBZ#1790063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1790063"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20054",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20054"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20054",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20054"
}
],
"release_date": "2019-12-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: Null pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c"
},
{
"cve": "CVE-2019-20636",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2020-04-08T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1824059"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write flaw was found in the Linux kernel. A crafted keycode table could be used by drivers/input/input.c to perform the out-of-bounds write. A local user with root access can insert garbage to this keycode table that can lead to out-of-bounds memory access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds write via crafted keycode table",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated as having Moderate impact because of the need of physical access or administrator privileges to trigger it.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-20636"
},
{
"category": "external",
"summary": "RHBZ#1824059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-20636",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20636"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-20636",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20636"
}
],
"release_date": "2020-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds write via crafted keycode table"
},
{
"cve": "CVE-2020-0305",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-07-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1860065"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way the Linux kernel\u0027s filesystem subsystem handled a race condition in the chrdev_open function. This flaw allows a privileged local user to starve the resources, causing a denial of service or potentially escalating their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: possible use-after-free due to a race condition in cdev_get of char_dev.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Moderate impact because of the preconditions needed to trigger the issue (elevated/root privileges).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-0305"
},
{
"category": "external",
"summary": "RHBZ#1860065",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860065"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-0305",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0305"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-0305",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-0305"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68faa679b8be1a74e6663c21c3a9d25d32f1c079",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=68faa679b8be1a74e6663c21c3a9d25d32f1c079"
}
],
"release_date": "2020-07-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: possible use-after-free due to a race condition in cdev_get of char_dev.c"
},
{
"cve": "CVE-2020-8647",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-02-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1802563"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s virtual console resize functionality. An attacker with local access to virtual consoles can use the virtual console resizing code to gather kernel internal data structures.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having Moderate impact because the information leak is limited.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8647"
},
{
"category": "external",
"summary": "RHBZ#1802563",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802563"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8647",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8647"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8647",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8647"
}
],
"release_date": "2020-01-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "The attack vector can be significantly reduced by preventing users from being able to log into the local virtual console.\n\nSee the instructions on disabling local login here: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/managing_smart_cards/pam_configuration_files , See the section on \"pam_console\" to deny users logging into the console. This mechanism should work from el6 forward to current versions of Red Hat Enterprise Linux.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c"
},
{
"cve": "CVE-2020-8648",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-02-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1802559"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel console driver when using the copy-paste buffer. This flaw allows a local user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is moderate, because of the need of additional privileges (usually local console user).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8648"
},
{
"category": "external",
"summary": "RHBZ#1802559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802559"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8648"
}
],
"release_date": "2020-01-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c"
},
{
"cve": "CVE-2020-8649",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-02-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1802555"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console. An out-of-bounds read can occur, leaking information to the console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as a having Moderate impact, it is an infoleak that is written to the screen.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8649"
},
{
"category": "external",
"summary": "RHBZ#1802555",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802555"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8649",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8649"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8649",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8649"
}
],
"release_date": "2020-01-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c"
},
{
"cve": "CVE-2020-10732",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"discovery_date": "2020-05-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1831399"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s implementation of Userspace core dumps. This flaw allows an attacker with a local account to crash a trivial program and exfiltrate private kernel data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: uninitialized kernel data leak in userspace coredumps",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10732"
},
{
"category": "external",
"summary": "RHBZ#1831399",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1831399"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10732",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10732"
}
],
"release_date": "2020-05-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Possible mitigation would be to disable core dumps system-wide by setting:\n\n* hard core 0\n\nIn the /etc/security/limits.conf file and restarting applications/services/processes which users may have access to or simply reboot the system. This disables core dumps which may not be a suitable workaround in your environment.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: uninitialized kernel data leak in userspace coredumps"
},
{
"cve": "CVE-2020-10751",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2020-05-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1839634"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s SELinux LSM hook implementation, where it anticipated the skb would only contain a single Netlink message. The hook incorrectly validated the first Netlink message in the skb only, to allow or deny the rest of the messages within the skb with the granted permissions and without further processing. At this time, there is no known ability for an attacker to abuse this flaw.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: SELinux netlink permission check bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10751"
},
{
"category": "external",
"summary": "RHBZ#1839634",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1839634"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10751",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10751"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10751",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10751"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb73974172ffaaf57a7c42f35424d9aece1a5af6"
},
{
"category": "external",
"summary": "https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg@mail.gmail.com/",
"url": "https://lore.kernel.org/selinux/CACT4Y+b8HiV6KFuAPysZD=5hmyO4QisgxCKi4DHU3CfMPSP=yg@mail.gmail.com/"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2020/04/30/5",
"url": "https://www.openwall.com/lists/oss-security/2020/04/30/5"
}
],
"release_date": "2020-04-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: SELinux netlink permission check bypass"
},
{
"cve": "CVE-2020-10774",
"cwe": {
"id": "CWE-909",
"name": "Missing Initialization of Resource"
},
"discovery_date": "2020-06-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1846964"
}
],
"notes": [
{
"category": "description",
"text": "A flaw memory disclosure flaw was found in the Linux kernel\u2019s sysctl subsystem in reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: possibility of memory disclosure when reading the file /proc/sys/kernel/rh_features",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Low impact because of the limited and random (non-controllable by attacker) memory disclosure.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10774"
},
{
"category": "external",
"summary": "RHBZ#1846964",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846964"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10774",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10774"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10774",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10774"
}
],
"release_date": "2020-06-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: possibility of memory disclosure when reading the file /proc/sys/kernel/rh_features"
},
{
"cve": "CVE-2020-10942",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1817718"
}
],
"notes": [
{
"category": "description",
"text": "A stack buffer overflow issue was found in the get_raw_socket() routine of the Host kernel accelerator for virtio net (vhost-net) driver. It could occur while doing an ictol(VHOST_NET_SET_BACKEND) call, and retrieving socket name in a kernel stack variable via get_raw_socket(). A user able to perform ioctl(2) calls on the \u0027/dev/vhost-net\u0027 device may use this flaw to crash the kernel resulting in DoS issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue does not affect the kernel package as shipped with the Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG 2.\nThis issue affects the kernel package as shipped with the Red Hat Enterprise Linux 6, 7 and 8. Future kernel updates for Red Hat Enterprise Linux 6, 7 and 8 may address this issue.\n\nIt is rated to have Low impact because it is quite difficult/unlikely to be triggered by a guest (or even host) user. In case it does happen, like in the upstream report, the stack overflow shall hit the stack canaries, resulting in DoS by crashing the kernel.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10942"
},
{
"category": "external",
"summary": "RHBZ#1817718",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1817718"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10942",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10942"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10942",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10942"
}
],
"release_date": "2020-03-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: vhost-net: stack overflow in get_raw_socket while checking sk_family field"
},
{
"cve": "CVE-2020-11565",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2020-04-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1824918"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds write flaw was found in the Linux kernel. An empty nodelist in mempolicy.c is mishandled durig mount option parsing leading to a stack-based out-of-bounds write. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11565"
},
{
"category": "external",
"summary": "RHBZ#1824918",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824918"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11565",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11565"
}
],
"release_date": "2020-04-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: out-of-bounds write in mpol_parse_str function in mm/mempolicy.c"
},
{
"cve": "CVE-2020-11668",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2020-04-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1824792"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the Xirlink camera USB driver \u0027xirlink-cit\u0027 in the Linux kernel. The driver mishandles invalid descriptors leading to a denial-of-service (DoS). This could allow a local attacker with user privilege to crash the system or leak kernel internal information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11668"
},
{
"category": "external",
"summary": "RHBZ#1824792",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1824792"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11668",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11668"
}
],
"release_date": "2020-01-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is to skip loading the affected module \u0027xirlink-cit\u0027 onto the system till we have a fix available, this can be done by a blacklist mechanism, this will ensure the driver is not loaded at the boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: mishandles invalid descriptors in drivers/media/usb/gspca/xirlink_cit.c"
},
{
"cve": "CVE-2020-12655",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-05-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1832543"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in the XFS source in the Linux kernel. This flaw allows an attacker with the ability to mount an XFS filesystem, to trigger a denial of service while attempting to sync a file located on an XFS v5 image with crafted metadata.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sync of excessive duration via an XFS v5 image with crafted metadata",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated as having Low impact because of the preconditions needed to trigger it (administrative account or physical access).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12655"
},
{
"category": "external",
"summary": "RHBZ#1832543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832543"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12655",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12655"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12655",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12655"
}
],
"release_date": "2020-03-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "This flaw requires an attacker being able to have the system mount a crafted filesystem.\n\nIf the xfs filesystem is not in use, the \u0027xfs\u0027 kernel module can be blacklisted and the module\nwill not be loaded when the filesystem is mounted, mounting will fail.\n\nHowever, if this filesystem is in use, this workaround will not be suitable.\n\nTo find out how to blacklist the \"xfs\" kernel module please see https://access.redhat.com/solutions/41278 or contact Red hat Global Support services",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "kernel: sync of excessive duration via an XFS v5 image with crafted metadata"
},
{
"cve": "CVE-2020-12659",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2020-05-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1832876"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds (OOB) memory access flaw was found in the Network XDP (the eXpress Data Path) module in the Linux kernel\u0027s xdp_umem_reg function in net/xdp/xdp_umem.c. When a user with special user privilege of CAP_NET_ADMIN (or root) calls setsockopt to register umem ring on XDP socket, passing the headroom value larger than the available space in the chunk, it leads to an out-of-bounds write, causing panic or possible memory corruption. This flaw may lead to privilege escalation if a local end-user is granted permission to influence the execution of code in this manner.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write which could result in crash and data coruption",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12659"
},
{
"category": "external",
"summary": "RHBZ#1832876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1832876"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12659"
}
],
"release_date": "2020-05-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write which could result in crash and data coruption"
},
{
"cve": "CVE-2020-12770",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1834845"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in sg_write in drivers/scsi/sg.c in the SCSI generic (sg) driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid (Sg_fd * sfp) pointer at the time of failure, also possibly causing a kernel internal information leak problem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: sg_write function lacks an sg_remove_request call in a certain failure case",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12770"
},
{
"category": "external",
"summary": "RHBZ#1834845",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834845"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12770",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12770"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12770",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12770"
}
],
"release_date": "2020-04-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: sg_write function lacks an sg_remove_request call in a certain failure case"
},
{
"acknowledgments": [
{
"names": [
"Adam Zabrocki"
]
}
],
"cve": "CVE-2020-12826",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2020-03-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1822077"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel loose validation of child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: possible to send arbitrary signals to a privileged (suidroot) parent process",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12826"
},
{
"category": "external",
"summary": "RHBZ#1822077",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1822077"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12826",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12826"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12826",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12826"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d1e7fd6462ca9fc76650fbe6ca800e35b24267da",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d1e7fd6462ca9fc76650fbe6ca800e35b24267da"
},
{
"category": "external",
"summary": "https://lists.openwall.net/linux-kernel/2020/03/24/1803",
"url": "https://lists.openwall.net/linux-kernel/2020/03/24/1803"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/kernel-hardening/2020/03/25/1",
"url": "https://www.openwall.com/lists/kernel-hardening/2020/03/25/1"
}
],
"release_date": "2020-05-12T05:40:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: possible to send arbitrary signals to a privileged (suidroot) parent process"
},
{
"acknowledgments": [
{
"names": [
"Rakesh Rakesh"
],
"organization": "Netezza Support"
}
],
"cve": "CVE-2020-14381",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-09-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1874311"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: referencing inode of removed superblock in get_futex_key() causes UAF",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14381"
},
{
"category": "external",
"summary": "RHBZ#1874311",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874311"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14381",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14381"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14381",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14381"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8019ad13ef7f64be44d4f892af9c840179009254",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8019ad13ef7f64be44d4f892af9c840179009254"
}
],
"release_date": "2020-05-07T19:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: referencing inode of removed superblock in get_futex_key() causes UAF"
},
{
"cve": "CVE-2020-25641",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-09-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1881424"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel\u2019s implementation of biovecs. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-25641"
},
{
"category": "external",
"summary": "RHBZ#1881424",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881424"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-25641",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25641"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e24969022cbd61ddc586f14824fc205661bb124",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7e24969022cbd61ddc586f14824fc205661bb124"
},
{
"category": "external",
"summary": "https://www.kernel.org/doc/html/latest/block/biovecs.html",
"url": "https://www.kernel.org/doc/html/latest/block/biovecs.html"
}
],
"release_date": "2020-09-30T00:24:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: soft-lockups in iov_iter_copy_from_user_atomic() could result in DoS"
},
{
"acknowledgments": [
{
"names": [
"Zhenpeng Lin"
]
}
],
"cve": "CVE-2021-3715",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2021-08-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1993988"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the \"Routing decision\" classifier in the Linux kernel\u0027s Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in route4_change() in net/sched/cls_route.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated as having Moderate impact (Red Hat Enterprise Linux 7 and lower) because of the need to have CAP_NET_ADMIN privileges and that Red Hat Enterprise Linux 7 disabled unprivileged user/network namespaces by default.\n\nThis flaw is rated as having Important impact (Red Hat Enterprise Linux 8) because Red Hat Enterprise Linux 8 enabled unprivileged user/network namespaces by default which can be used to gain CAP_NET_ADMIN privileges in corresponding user namespace even for otherwise unprivileged local user and thus exercise this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3715"
},
{
"category": "external",
"summary": "RHBZ#1993988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993988"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3715"
},
{
"category": "external",
"summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef299cc3fa1a9e1288665a9fdc8bff55629fd359",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef299cc3fa1a9e1288665a9fdc8bff55629fd359"
}
],
"release_date": "2021-09-07T08:25:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-04T01:14:17+00:00",
"details": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4609"
},
{
"category": "workaround",
"details": "In order to mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the kernel module cls_route.ko. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278.\n\nAlternatively, if cls_route is being used, on Red Hat Enterprise Linux 8, you can disable unprivileged user namespaces by setting user.max_user_namespaces to 0:\n\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf",
"product_ids": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"NFV-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"NFV-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.src",
"RT-8.3.0.GA:kernel-rt-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-core-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debug-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-debuginfo-common-x86_64-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-devel-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-kvm-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-0:4.18.0-240.rt7.54.el8.x86_64",
"RT-8.3.0.GA:kernel-rt-modules-extra-0:4.18.0-240.rt7.54.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: use-after-free in route4_change() in net/sched/cls_route.c"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…