var-201909-0695
Vulnerability from variot
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc.
Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.199/: Upgraded. These updates fix various bugs and security issues. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 4.4.191: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3900 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15118 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10905 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10638 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15117 Fixed in 4.4.193: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14835 Fixed in 4.4.194: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14816 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14814 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15505 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14821 Fixed in 4.4.195: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17053 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17052 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17056 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17055 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17054 Fixed in 4.4.196: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2215 Fixed in 4.4.197: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16746 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20976 Fixed in 4.4.198: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17075 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17133 Fixed in 4.4.199: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15098 ( Security fix *) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199_smp-noarch-1.txz
Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199-noarch-1.txz
MD5 signatures: +-------------+
Slackware 14.2 packages:
0e523f42e759ecc2399f36e37672f110 kernel-generic-4.4.199-i586-1.txz ee6451f5362008b46fee2e08e3077b21 kernel-generic-smp-4.4.199_smp-i686-1.txz a8338ef88f2e3ea9c74d564c36ccd420 kernel-headers-4.4.199_smp-x86-1.txz cd9e9c241e4eec2fba1dae658a28870e kernel-huge-4.4.199-i586-1.txz 842030890a424023817d42a83a86a7f4 kernel-huge-smp-4.4.199_smp-i686-1.txz 257db024bb4501548ac9118dbd2d9ae6 kernel-modules-4.4.199-i586-1.txz 96377cbaf7bca55aaca70358c63151a7 kernel-modules-smp-4.4.199_smp-i686-1.txz 0673e86466f9e624964d95107cf6712f kernel-source-4.4.199_smp-noarch-1.txz
Slackware x86_64 14.2 packages: 6d1ff428e7cad6caa8860acc402447a1 kernel-generic-4.4.199-x86_64-1.txz dadc091dc725b8227e0d1e35098d6416 kernel-headers-4.4.199-x86-1.txz f5f4c034203f44dd1513ad3504c42515 kernel-huge-4.4.199-x86_64-1.txz a5337cd8b2ca80d4d93b9e9688e42b03 kernel-modules-4.4.199-x86_64-1.txz 5dd6e46c04f37b97062dc9e52cc38add kernel-source-4.4.199-noarch-1.txz
Installation instructions: +------------------------+
Upgrade the packages as root:
upgradepkg kernel-*.txz
If you are using an initrd, you'll need to rebuild it.
For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2):
/usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199-smp | bash
For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2):
/usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199 | bash
Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 4.4.199-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 4.4.199 as the version.
If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly prepared before rebooting.
If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader.
If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition.
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. 6) - i386, x86_64
- ========================================================================= Ubuntu Security Notice USN-4135-2 September 18, 2019
linux, linux-aws, linux-azure, linux-lts-trusty, linux-lts-xenial vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in the Linux kernel. (CVE-2019-14835)
It was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15030)
It was discovered that the Linux kernel on PowerPC architectures did not properly handle exceptions on interrupts in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-15031)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: linux-image-3.13.0-173-generic 3.13.0-173.224 linux-image-3.13.0-173-generic-lpae 3.13.0-173.224 linux-image-3.13.0-173-lowlatency 3.13.0-173.224 linux-image-3.13.0-173-powerpc-e500 3.13.0-173.224 linux-image-3.13.0-173-powerpc-e500mc 3.13.0-173.224 linux-image-3.13.0-173-powerpc-smp 3.13.0-173.224 linux-image-3.13.0-173-powerpc64-emb 3.13.0-173.224 linux-image-3.13.0-173-powerpc64-smp 3.13.0-173.224 linux-image-4.15.0-1059-azure 4.15.0-1059.64~14.04.1 linux-image-4.4.0-1054-aws 4.4.0-1054.58 linux-image-4.4.0-164-generic 4.4.0-164.192~14.04.1 linux-image-4.4.0-164-generic-lpae 4.4.0-164.192~14.04.1 linux-image-4.4.0-164-lowlatency 4.4.0-164.192~14.04.1 linux-image-4.4.0-164-powerpc-e500mc 4.4.0-164.192~14.04.1 linux-image-4.4.0-164-powerpc-smp 4.4.0-164.192~14.04.1 linux-image-4.4.0-164-powerpc64-emb 4.4.0-164.192~14.04.1 linux-image-4.4.0-164-powerpc64-smp 4.4.0-164.192~14.04.1 linux-image-aws 4.4.0.1054.55 linux-image-azure 4.15.0.1059.45 linux-image-generic 3.13.0.173.184 linux-image-generic-lpae 3.13.0.173.184 linux-image-generic-lpae-lts-xenial 4.4.0.164.143 linux-image-generic-lts-xenial 4.4.0.164.143 linux-image-lowlatency 3.13.0.173.184 linux-image-lowlatency-lts-xenial 4.4.0.164.143 linux-image-powerpc-e500 3.13.0.173.184 linux-image-powerpc-e500mc 3.13.0.173.184 linux-image-powerpc-e500mc-lts-xenial 4.4.0.164.143 linux-image-powerpc-smp 3.13.0.173.184 linux-image-powerpc-smp-lts-xenial 4.4.0.164.143 linux-image-powerpc64-emb 3.13.0.173.184 linux-image-powerpc64-emb-lts-xenial 4.4.0.164.143 linux-image-powerpc64-smp 3.13.0.173.184 linux-image-powerpc64-smp-lts-xenial 4.4.0.164.143 linux-image-server 3.13.0.173.184 linux-image-virtual 3.13.0.173.184 linux-image-virtual-lts-xenial 4.4.0.164.143
Ubuntu 12.04 ESM: linux-image-3.13.0-173-generic 3.13.0-173.224~12.04.1 linux-image-3.13.0-173-generic-lpae 3.13.0-173.224~12.04.1 linux-image-3.13.0-173-lowlatency 3.13.0-173.224~12.04.1 linux-image-3.2.0-143-generic 3.2.0-143.190 linux-image-3.2.0-143-generic-pae 3.2.0-143.190 linux-image-3.2.0-143-highbank 3.2.0-143.190 linux-image-3.2.0-143-omap 3.2.0-143.190 linux-image-3.2.0-143-powerpc-smp 3.2.0-143.190 linux-image-3.2.0-143-powerpc64-smp 3.2.0-143.190 linux-image-3.2.0-143-virtual 3.2.0-143.190 linux-image-generic 3.2.0.143.158 linux-image-generic-lpae-lts-trusty 3.13.0.173.161 linux-image-generic-lts-trusty 3.13.0.173.161 linux-image-generic-pae 3.2.0.143.158 linux-image-highbank 3.2.0.143.158 linux-image-omap 3.2.0.143.158 linux-image-powerpc 3.2.0.143.158 linux-image-powerpc-smp 3.2.0.143.158 linux-image-powerpc64-smp 3.2.0.143.158 linux-image-server 3.2.0.143.158 linux-image-virtual 3.2.0.143.158
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 7.2) - noarch, x86_64
-
(CVE-2019-14835)
-
kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
fs deadlock when a memory allocation waits on page writeback in NOFS context (BZ#1729103)
-
fragmented packets timing out (BZ#1729409)
-
kernel build: speed up debuginfo extraction (BZ#1731460)
-
use "make -jN" for modules_install (BZ#1735079)
-
shmem: consider shm_mnt as a long-term mount (BZ#1737374)
-
raid1d can hang in freeze_array if handling a mix of read and write errors (BZ#1737792)
-
Backport TCP follow-up for small buffers (BZ#1739125)
-
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security update Advisory ID: RHSA-2019:2829-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2829 Issue date: 2019-09-20 CVE Names: CVE-2019-14835 ==================================================================== 1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system. (CVE-2019-14835)
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
1750727 - CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: kernel-3.10.0-1062.1.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm kernel-doc-3.10.0-1062.1.2.el7.noarch.rpm
x86_64: bpftool-3.10.0-1062.1.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm perf-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: kernel-3.10.0-1062.1.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm kernel-doc-3.10.0-1062.1.2.el7.noarch.rpm
x86_64: bpftool-3.10.0-1062.1.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm perf-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: kernel-3.10.0-1062.1.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm kernel-doc-3.10.0-1062.1.2.el7.noarch.rpm
ppc64: bpftool-3.10.0-1062.1.2.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-3.10.0-1062.1.2.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debug-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.1.2.el7.ppc64.rpm kernel-devel-3.10.0-1062.1.2.el7.ppc64.rpm kernel-headers-3.10.0-1062.1.2.el7.ppc64.rpm kernel-tools-3.10.0-1062.1.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-tools-libs-3.10.0-1062.1.2.el7.ppc64.rpm perf-3.10.0-1062.1.2.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm python-perf-3.10.0-1062.1.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm
ppc64le: bpftool-3.10.0-1062.1.2.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debug-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-devel-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-headers-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-tools-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1062.1.2.el7.ppc64le.rpm perf-3.10.0-1062.1.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm python-perf-3.10.0-1062.1.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm
s390x: bpftool-3.10.0-1062.1.2.el7.s390x.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm kernel-3.10.0-1062.1.2.el7.s390x.rpm kernel-debug-3.10.0-1062.1.2.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.s390x.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1062.1.2.el7.s390x.rpm kernel-devel-3.10.0-1062.1.2.el7.s390x.rpm kernel-headers-3.10.0-1062.1.2.el7.s390x.rpm kernel-kdump-3.10.0-1062.1.2.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm kernel-kdump-devel-3.10.0-1062.1.2.el7.s390x.rpm perf-3.10.0-1062.1.2.el7.s390x.rpm perf-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm python-perf-3.10.0-1062.1.2.el7.s390x.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm
x86_64: bpftool-3.10.0-1062.1.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm perf-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
ppc64: bpftool-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.1.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1062.1.2.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm
ppc64le: bpftool-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1062.1.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm
x86_64: bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: kernel-3.10.0-1062.1.2.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm kernel-doc-3.10.0-1062.1.2.el7.noarch.rpm
x86_64: bpftool-3.10.0-1062.1.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm perf-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
x86_64: bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-14835 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kernel-vhost
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXYSDiNzjgjWX9erEAQiVUQ/9EzNEE3VBb1tjfASE0BrtTQXPGV5OD0jF xgNeuTZt7X15behgUtLM3tDg3eiPYZnEErojpJr52sh7Jz1J2GuVajbVpUtaW2Wm P+iI+zmtzhdUPns6zbuV4Qkyk0Q2WNxt1RLMcZeXtDMKiYN7Tj34wmF2aKhvAB6i Du+8LiPcsU84XcyT5z4lnG/iRCw1CqHvuVj7oJNQCWGC3X3Am6hkmuZ3Y1I5+cI8 mqJIb+aEbvVnAzDLdyl9JoTOPy+e5X0wHLiTEwKgp6k6IaWdVoPoxcrx4M8TPPbN 7A8Q7KrLAqeDNkft8YKmYgO3alE7915/FaRcpzAoPlBlot/OvCeiwP0qPjQ9ki0C JrOk98DYgRD0OxLfXoe4mMfYyh+yb+Q3APxjv6r75RJuxXIQGHMgo8EWVRNkA7Je 2CMFtk2J1x/eiQnRN/UbEri6oDc9LIC6o4eANEm1hNPNoYi66xPDeTMiwua79q0n SnPLqXjjm0jDft7XOvv/5H9AuaRjurZLzMf6a08OouxCkzM8t1iRCnBrVTAW+AqW j/0eZz+ElMoM4xTtzM1aZit+0dy0wVbTdeCpbVJQre89Z2iA1exdgptnO+8/oLa3 XnWaluoWVObovE4ev0czx8ML9oJ13gVglU2Zme3Uzian48/2+/bgJHrjr3J+GLYG 6PiQ0CEHbCQ=V1EB -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7) - ppc64le, x86_64
- Description:
This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. 8) - aarch64, noarch, ppc64le, s390x, x86_64
3
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-0695",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "3.16.74"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "19.04"
},
{
"model": "h300s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.4"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "imanager neteco 6000",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r008c20"
},
{
"model": "service processor",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.19"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.9"
},
{
"model": "steelstore cloud integrated storage",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "12.04"
},
{
"model": "imanager neteco",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r009c00"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "imanager neteco",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r009c10spc200"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "manageone",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "6.5.0"
},
{
"model": "h300e",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "5.2"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.0"
},
{
"model": "h700e",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "h500s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux for real time",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.6"
},
{
"model": "openshift container platform",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "3.11"
},
{
"model": "aff a700s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "4.14"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.19.73"
},
{
"model": "manageone",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "6.5.1rc1.b080"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "kernel",
"scope": "eq",
"trust": 1.0,
"vendor": "linux",
"version": "5.3"
},
{
"model": "virtualization",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.14.144"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "data availability services",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.9.193"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "14.04"
},
{
"model": "h410c",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "29"
},
{
"model": "h500e",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "4.4.193"
},
{
"model": "solidfire",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "kernel",
"scope": "gte",
"trust": 1.0,
"vendor": "linux",
"version": "2.6.34"
},
{
"model": "h410s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "h610s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux for real time",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7"
},
{
"model": "manageone",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "6.5.1rc1.b060"
},
{
"model": "manageone",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "6.5.0.spc100.b210"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "30"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "manageone",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "6.5.rc2.b050"
},
{
"model": "virtualization host",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "h700s",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "hci management node",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "kernel",
"scope": "lt",
"trust": 1.0,
"vendor": "linux",
"version": "5.2.15"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.5"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"model": "imanager neteco 6000",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "v600r008c10spc300"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-14835"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "154608"
},
{
"db": "PACKETSTORM",
"id": "154563"
},
{
"db": "PACKETSTORM",
"id": "154607"
},
{
"db": "PACKETSTORM",
"id": "154541"
},
{
"db": "PACKETSTORM",
"id": "154558"
},
{
"db": "PACKETSTORM",
"id": "154539"
}
],
"trust": 0.6
},
"cve": "CVE-2019-14835",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-14835",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-146821",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2019-14835",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "secalert@redhat.com",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.6,
"id": "CVE-2019-14835",
"impactScore": 6.0,
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-14835",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "secalert@redhat.com",
"id": "CVE-2019-14835",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-807",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-146821",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146821"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-807"
},
{
"db": "NVD",
"id": "CVE-2019-14835"
},
{
"db": "NVD",
"id": "CVE-2019-14835"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel\u0027s vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/linux-4.4.199/*: Upgraded. \n These updates fix various bugs and security issues. \n Be sure to upgrade your initrd after upgrading the kernel packages. \n If you use lilo to boot your machine, be sure lilo.conf points to the correct\n kernel and initrd and run lilo as root to update the bootloader. \n If you use elilo to boot your machine, you should run eliloconfig to copy the\n kernel and initrd to the EFI System Partition. \n For more information, see:\n Fixed in 4.4.191:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3900\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15118\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10906\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10905\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10638\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15117\n Fixed in 4.4.193:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14835\n Fixed in 4.4.194:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14816\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14814\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15505\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14821\n Fixed in 4.4.195:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17053\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17052\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17056\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17055\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17054\n Fixed in 4.4.196:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2215\n Fixed in 4.4.197:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16746\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20976\n Fixed in 4.4.198:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17075\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17133\n Fixed in 4.4.199:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15098\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated packages for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-smp-4.4.199_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199_smp-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-smp-4.4.199_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-i586-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-smp-4.4.199_smp-i686-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199_smp-noarch-1.txz\n\nUpdated packages for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199-x86-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-x86_64-1.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199-noarch-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.2 packages:\n\n0e523f42e759ecc2399f36e37672f110 kernel-generic-4.4.199-i586-1.txz\nee6451f5362008b46fee2e08e3077b21 kernel-generic-smp-4.4.199_smp-i686-1.txz\na8338ef88f2e3ea9c74d564c36ccd420 kernel-headers-4.4.199_smp-x86-1.txz\ncd9e9c241e4eec2fba1dae658a28870e kernel-huge-4.4.199-i586-1.txz\n842030890a424023817d42a83a86a7f4 kernel-huge-smp-4.4.199_smp-i686-1.txz\n257db024bb4501548ac9118dbd2d9ae6 kernel-modules-4.4.199-i586-1.txz\n96377cbaf7bca55aaca70358c63151a7 kernel-modules-smp-4.4.199_smp-i686-1.txz\n0673e86466f9e624964d95107cf6712f kernel-source-4.4.199_smp-noarch-1.txz\n\nSlackware x86_64 14.2 packages:\n6d1ff428e7cad6caa8860acc402447a1 kernel-generic-4.4.199-x86_64-1.txz\ndadc091dc725b8227e0d1e35098d6416 kernel-headers-4.4.199-x86-1.txz\nf5f4c034203f44dd1513ad3504c42515 kernel-huge-4.4.199-x86_64-1.txz\na5337cd8b2ca80d4d93b9e9688e42b03 kernel-modules-4.4.199-x86_64-1.txz\n5dd6e46c04f37b97062dc9e52cc38add kernel-source-4.4.199-noarch-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the packages as root:\n# upgradepkg kernel-*.txz\n\nIf you are using an initrd, you\u0027ll need to rebuild it. \n\nFor a 32-bit SMP machine, use this command (substitute the appropriate\nkernel version if you are not running Slackware 14.2):\n# /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199-smp | bash\n\nFor a 64-bit machine, or a 32-bit uniprocessor machine, use this command\n(substitute the appropriate kernel version if you are not running\nSlackware 14.2):\n# /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199 | bash\n\nPlease note that \"uniprocessor\" has to do with the kernel you are running,\nnot with the CPU. Most systems should run the SMP kernel (if they can)\nregardless of the number of cores the CPU has. If you aren\u0027t sure which\nkernel you are running, run \"uname -a\". If you see SMP there, you are\nrunning the SMP kernel and should use the 4.4.199-smp version when running\nmkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit\nsystems should always use 4.4.199 as the version. \n\nIf you are using lilo or elilo to boot the machine, you\u0027ll need to ensure\nthat the machine is properly prepared before rebooting. \n\nIf using LILO:\nBy default, lilo.conf contains an image= line that references a symlink\nthat always points to the correct kernel. No editing should be required\nunless your machine uses a custom lilo.conf. If that is the case, be sure\nthat the image= line references the correct kernel file. Either way,\nyou\u0027ll need to run \"lilo\" as root to reinstall the boot loader. \n\nIf using elilo:\nEnsure that the /boot/vmlinuz symlink is pointing to the kernel you wish\nto use, and then run eliloconfig to update the EFI System Partition. \n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. 6) - i386, x86_64\n\n3. =========================================================================\nUbuntu Security Notice USN-4135-2\nSeptember 18, 2019\n\nlinux, linux-aws, linux-azure, linux-lts-trusty, linux-lts-xenial\nvulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. (CVE-2019-14835)\n\nIt was discovered that the Linux kernel on PowerPC architectures did not\nproperly handle Facility Unavailable exceptions in some situations. A local\nattacker could use this to expose sensitive information. (CVE-2019-15030)\n\nIt was discovered that the Linux kernel on PowerPC architectures did not\nproperly handle exceptions on interrupts in some situations. A local\nattacker could use this to expose sensitive information. (CVE-2019-15031)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n linux-image-3.13.0-173-generic 3.13.0-173.224\n linux-image-3.13.0-173-generic-lpae 3.13.0-173.224\n linux-image-3.13.0-173-lowlatency 3.13.0-173.224\n linux-image-3.13.0-173-powerpc-e500 3.13.0-173.224\n linux-image-3.13.0-173-powerpc-e500mc 3.13.0-173.224\n linux-image-3.13.0-173-powerpc-smp 3.13.0-173.224\n linux-image-3.13.0-173-powerpc64-emb 3.13.0-173.224\n linux-image-3.13.0-173-powerpc64-smp 3.13.0-173.224\n linux-image-4.15.0-1059-azure 4.15.0-1059.64~14.04.1\n linux-image-4.4.0-1054-aws 4.4.0-1054.58\n linux-image-4.4.0-164-generic 4.4.0-164.192~14.04.1\n linux-image-4.4.0-164-generic-lpae 4.4.0-164.192~14.04.1\n linux-image-4.4.0-164-lowlatency 4.4.0-164.192~14.04.1\n linux-image-4.4.0-164-powerpc-e500mc 4.4.0-164.192~14.04.1\n linux-image-4.4.0-164-powerpc-smp 4.4.0-164.192~14.04.1\n linux-image-4.4.0-164-powerpc64-emb 4.4.0-164.192~14.04.1\n linux-image-4.4.0-164-powerpc64-smp 4.4.0-164.192~14.04.1\n linux-image-aws 4.4.0.1054.55\n linux-image-azure 4.15.0.1059.45\n linux-image-generic 3.13.0.173.184\n linux-image-generic-lpae 3.13.0.173.184\n linux-image-generic-lpae-lts-xenial 4.4.0.164.143\n linux-image-generic-lts-xenial 4.4.0.164.143\n linux-image-lowlatency 3.13.0.173.184\n linux-image-lowlatency-lts-xenial 4.4.0.164.143\n linux-image-powerpc-e500 3.13.0.173.184\n linux-image-powerpc-e500mc 3.13.0.173.184\n linux-image-powerpc-e500mc-lts-xenial 4.4.0.164.143\n linux-image-powerpc-smp 3.13.0.173.184\n linux-image-powerpc-smp-lts-xenial 4.4.0.164.143\n linux-image-powerpc64-emb 3.13.0.173.184\n linux-image-powerpc64-emb-lts-xenial 4.4.0.164.143\n linux-image-powerpc64-smp 3.13.0.173.184\n linux-image-powerpc64-smp-lts-xenial 4.4.0.164.143\n linux-image-server 3.13.0.173.184\n linux-image-virtual 3.13.0.173.184\n linux-image-virtual-lts-xenial 4.4.0.164.143\n\nUbuntu 12.04 ESM:\n linux-image-3.13.0-173-generic 3.13.0-173.224~12.04.1\n linux-image-3.13.0-173-generic-lpae 3.13.0-173.224~12.04.1\n linux-image-3.13.0-173-lowlatency 3.13.0-173.224~12.04.1\n linux-image-3.2.0-143-generic 3.2.0-143.190\n linux-image-3.2.0-143-generic-pae 3.2.0-143.190\n linux-image-3.2.0-143-highbank 3.2.0-143.190\n linux-image-3.2.0-143-omap 3.2.0-143.190\n linux-image-3.2.0-143-powerpc-smp 3.2.0-143.190\n linux-image-3.2.0-143-powerpc64-smp 3.2.0-143.190\n linux-image-3.2.0-143-virtual 3.2.0-143.190\n linux-image-generic 3.2.0.143.158\n linux-image-generic-lpae-lts-trusty 3.13.0.173.161\n linux-image-generic-lts-trusty 3.13.0.173.161\n linux-image-generic-pae 3.2.0.143.158\n linux-image-highbank 3.2.0.143.158\n linux-image-omap 3.2.0.143.158\n linux-image-powerpc 3.2.0.143.158\n linux-image-powerpc-smp 3.2.0.143.158\n linux-image-powerpc64-smp 3.2.0.143.158\n linux-image-server 3.2.0.143.158\n linux-image-virtual 3.2.0.143.158\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. 7.2) - noarch, x86_64\n\n3. \n(CVE-2019-14835)\n\n* kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* fs deadlock when a memory allocation waits on page writeback in NOFS\ncontext (BZ#1729103)\n\n* fragmented packets timing out (BZ#1729409)\n\n* kernel build: speed up debuginfo extraction (BZ#1731460)\n\n* use \"make -jN\" for modules_install (BZ#1735079)\n\n* shmem: consider shm_mnt as a long-term mount (BZ#1737374)\n\n* raid1d can hang in freeze_array if handling a mix of read and write\nerrors (BZ#1737792)\n\n* Backport TCP follow-up for small buffers (BZ#1739125)\n\n4. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: kernel security update\nAdvisory ID: RHSA-2019:2829-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:2829\nIssue date: 2019-09-20\nCVE Names: CVE-2019-14835\n====================================================================\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n(CVE-2019-14835)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1750727 - CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nkernel-3.10.0-1062.1.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm\nkernel-doc-3.10.0-1062.1.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1062.1.2.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm\nperf-3.10.0-1062.1.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\npython-perf-3.10.0-1062.1.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nkernel-3.10.0-1062.1.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm\nkernel-doc-3.10.0-1062.1.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1062.1.2.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm\nperf-3.10.0-1062.1.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\npython-perf-3.10.0-1062.1.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nkernel-3.10.0-1062.1.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm\nkernel-doc-3.10.0-1062.1.2.el7.noarch.rpm\n\nppc64:\nbpftool-3.10.0-1062.1.2.el7.ppc64.rpm\nbpftool-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-bootwrapper-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-debug-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-debug-devel-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-devel-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-headers-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-tools-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-tools-libs-3.10.0-1062.1.2.el7.ppc64.rpm\nperf-3.10.0-1062.1.2.el7.ppc64.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm\npython-perf-3.10.0-1062.1.2.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm\n\nppc64le:\nbpftool-3.10.0-1062.1.2.el7.ppc64le.rpm\nbpftool-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-debug-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-devel-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-headers-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-tools-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-1062.1.2.el7.ppc64le.rpm\nperf-3.10.0-1062.1.2.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm\npython-perf-3.10.0-1062.1.2.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm\n\ns390x:\nbpftool-3.10.0-1062.1.2.el7.s390x.rpm\nbpftool-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm\nkernel-3.10.0-1062.1.2.el7.s390x.rpm\nkernel-debug-3.10.0-1062.1.2.el7.s390x.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm\nkernel-debug-devel-3.10.0-1062.1.2.el7.s390x.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm\nkernel-debuginfo-common-s390x-3.10.0-1062.1.2.el7.s390x.rpm\nkernel-devel-3.10.0-1062.1.2.el7.s390x.rpm\nkernel-headers-3.10.0-1062.1.2.el7.s390x.rpm\nkernel-kdump-3.10.0-1062.1.2.el7.s390x.rpm\nkernel-kdump-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm\nkernel-kdump-devel-3.10.0-1062.1.2.el7.s390x.rpm\nperf-3.10.0-1062.1.2.el7.s390x.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm\npython-perf-3.10.0-1062.1.2.el7.s390x.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm\n\nx86_64:\nbpftool-3.10.0-1062.1.2.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm\nperf-3.10.0-1062.1.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\npython-perf-3.10.0-1062.1.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nbpftool-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-debuginfo-common-ppc64-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-tools-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm\nkernel-tools-libs-devel-3.10.0-1062.1.2.el7.ppc64.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm\n\nppc64le:\nbpftool-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-1062.1.2.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm\n\nx86_64:\nbpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nkernel-3.10.0-1062.1.2.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm\nkernel-doc-3.10.0-1062.1.2.el7.noarch.rpm\n\nx86_64:\nbpftool-3.10.0-1062.1.2.el7.x86_64.rpm\nbpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm\nperf-3.10.0-1062.1.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\npython-perf-3.10.0-1062.1.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nbpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm\nperf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-14835\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/kernel-vhost\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXYSDiNzjgjWX9erEAQiVUQ/9EzNEE3VBb1tjfASE0BrtTQXPGV5OD0jF\nxgNeuTZt7X15behgUtLM3tDg3eiPYZnEErojpJr52sh7Jz1J2GuVajbVpUtaW2Wm\nP+iI+zmtzhdUPns6zbuV4Qkyk0Q2WNxt1RLMcZeXtDMKiYN7Tj34wmF2aKhvAB6i\nDu+8LiPcsU84XcyT5z4lnG/iRCw1CqHvuVj7oJNQCWGC3X3Am6hkmuZ3Y1I5+cI8\nmqJIb+aEbvVnAzDLdyl9JoTOPy+e5X0wHLiTEwKgp6k6IaWdVoPoxcrx4M8TPPbN\n7A8Q7KrLAqeDNkft8YKmYgO3alE7915/FaRcpzAoPlBlot/OvCeiwP0qPjQ9ki0C\nJrOk98DYgRD0OxLfXoe4mMfYyh+yb+Q3APxjv6r75RJuxXIQGHMgo8EWVRNkA7Je\n2CMFtk2J1x/eiQnRN/UbEri6oDc9LIC6o4eANEm1hNPNoYi66xPDeTMiwua79q0n\nSnPLqXjjm0jDft7XOvv/5H9AuaRjurZLzMf6a08OouxCkzM8t1iRCnBrVTAW+AqW\nj/0eZz+ElMoM4xTtzM1aZit+0dy0wVbTdeCpbVJQre89Z2iA1exdgptnO+8/oLa3\nXnWaluoWVObovE4ev0czx8ML9oJ13gVglU2Zme3Uzian48/2+/bgJHrjr3J+GLYG\n6PiQ0CEHbCQ=V1EB\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 7) - ppc64le, x86_64\n\n3. Description:\n\nThis is a kernel live patch module which can be loaded by the kpatch\ncommand line utility to modify the code of a running kernel. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-14835"
},
{
"db": "VULHUB",
"id": "VHN-146821"
},
{
"db": "PACKETSTORM",
"id": "154608"
},
{
"db": "PACKETSTORM",
"id": "155212"
},
{
"db": "PACKETSTORM",
"id": "154563"
},
{
"db": "PACKETSTORM",
"id": "154513"
},
{
"db": "PACKETSTORM",
"id": "154607"
},
{
"db": "PACKETSTORM",
"id": "154541"
},
{
"db": "PACKETSTORM",
"id": "154558"
},
{
"db": "PACKETSTORM",
"id": "154539"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-14835",
"trust": 2.5
},
{
"db": "PACKETSTORM",
"id": "155212",
"trust": 1.8
},
{
"db": "PACKETSTORM",
"id": "154951",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "154572",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2019/10/03/1",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2019/10/09/7",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2019/09/24/1",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2019/10/09/3",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2019/09/17/1",
"trust": 1.7
},
{
"db": "PACKETSTORM",
"id": "154558",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "154514",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201909-807",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.4584",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0141",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4252",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0270",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4261",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3536",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4346",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4346.2",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "154539",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "154513",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "154563",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "154541",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "154538",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154570",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154602",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154562",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154566",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154564",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154540",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154565",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154585",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154659",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154569",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-146821",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154608",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154607",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146821"
},
{
"db": "PACKETSTORM",
"id": "154608"
},
{
"db": "PACKETSTORM",
"id": "155212"
},
{
"db": "PACKETSTORM",
"id": "154563"
},
{
"db": "PACKETSTORM",
"id": "154513"
},
{
"db": "PACKETSTORM",
"id": "154607"
},
{
"db": "PACKETSTORM",
"id": "154541"
},
{
"db": "PACKETSTORM",
"id": "154558"
},
{
"db": "PACKETSTORM",
"id": "154539"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-807"
},
{
"db": "NVD",
"id": "CVE-2019-14835"
}
]
},
"id": "VAR-201909-0695",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-146821"
}
],
"trust": 0.40555555
},
"last_update_date": "2024-11-29T21:39:24.301000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Linux kernel Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=98340"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-807"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146821"
},
{
"db": "NVD",
"id": "CVE-2019-14835"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://usn.ubuntu.com/4135-1/"
},
{
"trust": 2.3,
"url": "https://usn.ubuntu.com/4135-2/"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2827"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2829"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2854"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2863"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2899"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:2900"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/security/cve/cve-2019-14835"
},
{
"trust": 1.7,
"url": "https://seclists.org/bugtraq/2019/sep/41"
},
{
"trust": 1.7,
"url": "https://seclists.org/bugtraq/2019/nov/11"
},
{
"trust": 1.7,
"url": "https://www.debian.org/security/2019/dsa-4531"
},
{
"trust": 1.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/yw3qnmpenpfegvtofpsnobl7jeijs25p/"
},
{
"trust": 1.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/kqfy6jyfiq2vfq7qcsxpwtul5zdncjl5/"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhba-2019:2824"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2828"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2830"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2862"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2864"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2865"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2866"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2867"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2869"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2889"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2901"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2019:2924"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"trust": 1.7,
"url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2019/09/24/1"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2019/10/03/1"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/3"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2019/10/09/7"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/154572/kernel-live-patch-security-notice-lsn-0056-1.html"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/154951/kernel-live-patch-security-notice-lsn-0058-1.html"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/155212/slackware-security-advisory-slackware-14.2-kernel-updates.html"
},
{
"trust": 1.7,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-14835"
},
{
"trust": 1.7,
"url": "https://security.netapp.com/advisory/ntap-20191031-0005/"
},
{
"trust": 1.7,
"url": "https://www.openwall.com/lists/oss-security/2019/09/17/1"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14835"
},
{
"trust": 1.2,
"url": "https://access.redhat.com/security/vulnerabilities/kernel-vhost"
},
{
"trust": 0.6,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.6,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.6,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1750727"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/kqfy6jyfiq2vfq7qcsxpwtul5zdncjl5/"
},
{
"trust": 0.6,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/yw3qnmpenpfegvtofpsnobl7jeijs25p/"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914218-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192984-1.html"
},
{
"trust": 0.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00237.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193200-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192953-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192952-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192951-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192948-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192947-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200093-1.html"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/linux-kernel-buffer-overflow-via-vhost-vhost-net-30355"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200115-01-qemu-cn"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4346/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4261/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4252/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4584/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/154558/red-hat-security-advisory-2019-2854-01.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/154514/ubuntu-security-notice-usn-4135-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3536/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0141/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1173364"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0270/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4346.2/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2019-1125"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1125"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/articles/4329821"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14835"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2215"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17054"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-16746"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17055"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17075"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15118"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17053"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10906"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-10906"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-20976"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17052"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15117"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17133"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14816"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15505"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14821"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-16746"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17054"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2215"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15118"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10905"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17056"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-10905"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14816"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15117"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17056"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14821"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10638"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17075"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17053"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3900"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10638"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17055"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20976"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14814"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17133"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15505"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14814"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17052"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4135-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15030"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4135-2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15031"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146821"
},
{
"db": "PACKETSTORM",
"id": "154608"
},
{
"db": "PACKETSTORM",
"id": "155212"
},
{
"db": "PACKETSTORM",
"id": "154563"
},
{
"db": "PACKETSTORM",
"id": "154513"
},
{
"db": "PACKETSTORM",
"id": "154607"
},
{
"db": "PACKETSTORM",
"id": "154541"
},
{
"db": "PACKETSTORM",
"id": "154558"
},
{
"db": "PACKETSTORM",
"id": "154539"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-807"
},
{
"db": "NVD",
"id": "CVE-2019-14835"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-146821"
},
{
"db": "PACKETSTORM",
"id": "154608"
},
{
"db": "PACKETSTORM",
"id": "155212"
},
{
"db": "PACKETSTORM",
"id": "154563"
},
{
"db": "PACKETSTORM",
"id": "154513"
},
{
"db": "PACKETSTORM",
"id": "154607"
},
{
"db": "PACKETSTORM",
"id": "154541"
},
{
"db": "PACKETSTORM",
"id": "154558"
},
{
"db": "PACKETSTORM",
"id": "154539"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-807"
},
{
"db": "NVD",
"id": "CVE-2019-14835"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-17T00:00:00",
"db": "VULHUB",
"id": "VHN-146821"
},
{
"date": "2019-09-25T18:06:56",
"db": "PACKETSTORM",
"id": "154608"
},
{
"date": "2019-11-08T15:37:19",
"db": "PACKETSTORM",
"id": "155212"
},
{
"date": "2019-09-23T18:25:56",
"db": "PACKETSTORM",
"id": "154563"
},
{
"date": "2019-09-18T21:22:34",
"db": "PACKETSTORM",
"id": "154513"
},
{
"date": "2019-09-25T18:06:46",
"db": "PACKETSTORM",
"id": "154607"
},
{
"date": "2019-09-20T14:58:33",
"db": "PACKETSTORM",
"id": "154541"
},
{
"date": "2019-09-21T18:10:56",
"db": "PACKETSTORM",
"id": "154558"
},
{
"date": "2019-09-20T14:57:46",
"db": "PACKETSTORM",
"id": "154539"
},
{
"date": "2019-09-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-807"
},
{
"date": "2019-09-17T16:15:10.980000",
"db": "NVD",
"id": "CVE-2019-14835"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-12T00:00:00",
"db": "VULHUB",
"id": "VHN-146821"
},
{
"date": "2023-03-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-807"
},
{
"date": "2024-11-21T04:27:27.790000",
"db": "NVD",
"id": "CVE-2019-14835"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "154513"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-807"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linux kernel Buffer error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-807"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "overflow",
"sources": [
{
"db": "PACKETSTORM",
"id": "154608"
},
{
"db": "PACKETSTORM",
"id": "154563"
},
{
"db": "PACKETSTORM",
"id": "154607"
},
{
"db": "PACKETSTORM",
"id": "154541"
},
{
"db": "PACKETSTORM",
"id": "154558"
},
{
"db": "PACKETSTORM",
"id": "154539"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.