ALT-BU-2018-3603-1
Branch sisyphus update bulletin.
Package btrfs-progs updated to version 4.19-alt2 for branch sisyphus in task 216912.
Closed bugs
symlink /usr/bin/btrfs -> /usr/sbin/btrfs
BTRFS udev rule is missing
Package kernel-image-mp updated to version 4.19.4-alt1 for branch sisyphus in task 216914.
Closed vulnerabilities
BDU:2019-00432
Уязвимость функции map_write() ("kernel/user_namespace.c") ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
BDU:2019-01052
Уязвимость функции vcpu_scan_ioapic ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2019-01062
Уязвимость функции crypto_report_one() ядра операционной системы Linux, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
BDU:2021-01410
Уязвимость буфера сокета SCTP ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2021-01437
Уязвимость функции cdrom_ioctl_select_disc (drivers/cdrom/cdrom.c) ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальным данным
BDU:2022-03207
Уязвимость компонента TCP Pace Handler функции tcp_internal_pacing в файле net/ipv4/tcp_output.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2018-18710
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276
- 106041
- 106041
- https://github.com/torvalds/linux/commit/e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276
- https://github.com/torvalds/linux/commit/e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276
- [debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update
- [debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update
- [debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update
- [debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update
- [debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update
- [debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update
- USN-3846-1
- USN-3846-1
- USN-3847-1
- USN-3847-1
- USN-3847-2
- USN-3847-2
- USN-3847-3
- USN-3847-3
- USN-3848-1
- USN-3848-1
- USN-3848-2
- USN-3848-2
- USN-3849-1
- USN-3849-1
- USN-3849-2
- USN-3849-2
Modified: 2024-11-21
CVE-2018-18955
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace can bypass access controls on resources outside the namespace, as demonstrated by reading /etc/shadow. This occurs because an ID transformation takes place properly for the namespaced-to-kernel direction but not for the kernel-to-namespaced direction.
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d2f007dbe7e4c9583eea6eb04d60001e85c6f1bd
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d2f007dbe7e4c9583eea6eb04d60001e85c6f1bd
- 105941
- 105941
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1712
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1712
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.19
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.18.19
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.2
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.2
- https://github.com/torvalds/linux/commit/d2f007dbe7e4c9583eea6eb04d60001e85c6f1bd
- https://github.com/torvalds/linux/commit/d2f007dbe7e4c9583eea6eb04d60001e85c6f1bd
- https://security.netapp.com/advisory/ntap-20190416-0003/
- https://security.netapp.com/advisory/ntap-20190416-0003/
- https://support.f5.com/csp/article/K39103040
- https://support.f5.com/csp/article/K39103040
- USN-3832-1
- USN-3832-1
- USN-3833-1
- USN-3833-1
- USN-3835-1
- USN-3835-1
- USN-3836-1
- USN-3836-1
- USN-3836-2
- USN-3836-2
- 45886
- 45886
- 45915
- 45915
Modified: 2024-11-21
CVE-2018-19406
kvm_pv_send_ipi in arch/x86/kvm/lapic.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where the apic map is uninitialized.
Modified: 2024-11-21
CVE-2018-19407
The vcpu_scan_ioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) via crafted system calls that reach a situation where ioapic is uninitialized.
- 105987
- 105987
- [debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update
- [debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update
- https://lkml.org/lkml/2018/11/20/580
- https://lkml.org/lkml/2018/11/20/580
- USN-3871-1
- USN-3871-1
- USN-3871-3
- USN-3871-3
- USN-3871-4
- USN-3871-4
- USN-3871-5
- USN-3871-5
- USN-3872-1
- USN-3872-1
- USN-3878-1
- USN-3878-1
- USN-3878-2
- USN-3878-2
- USN-3879-1
- USN-3879-1
- USN-3879-2
- USN-3879-2
Modified: 2024-11-21
CVE-2018-19854
An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sensitive memory to user programs. NOTE: this is a CVE-2013-2547 regression but with easier exploitability because the attacker does not need a capability (however, the system must have the CONFIG_CRYPTO_USER kconfig option).
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f43f39958beb206b53292801e216d9b8a660f087
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f43f39958beb206b53292801e216d9b8a660f087
- RHSA-2019:3309
- RHSA-2019:3309
- RHSA-2019:3517
- RHSA-2019:3517
- https://github.com/torvalds/linux/commit/f43f39958beb206b53292801e216d9b8a660f087
- https://github.com/torvalds/linux/commit/f43f39958beb206b53292801e216d9b8a660f087
- https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.3
- https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.3
- USN-3872-1
- USN-3872-1
- USN-3878-1
- USN-3878-1
- USN-3878-2
- USN-3878-2
- USN-3901-1
- USN-3901-1
- USN-3901-2
- USN-3901-2
Modified: 2024-11-21
CVE-2019-3874
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
- RHSA-2019:3309
- RHSA-2019:3309
- RHSA-2019:3517
- RHSA-2019:3517
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3874
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3874
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2385-1] linux-4.19 security update
- [debian-lts-announce] 20200928 [SECURITY] [DLA 2385-1] linux-4.19 security update
- https://security.netapp.com/advisory/ntap-20190411-0003/
- https://security.netapp.com/advisory/ntap-20190411-0003/
- USN-3979-1
- USN-3979-1
- USN-3980-1
- USN-3980-1
- USN-3980-2
- USN-3980-2
- USN-3981-1
- USN-3981-1
- USN-3981-2
- USN-3981-2
- USN-3982-1
- USN-3982-1
- USN-3982-2
- USN-3982-2
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
Modified: 2024-11-21
CVE-2022-1678
An issue was discovered in the Linux Kernel from 4.18 to 4.19, an improper update of sock reference in TCP pacing can lead to memory/netns leak, which can be used by remote clients.
- https://anas.openanolis.cn/cves/detail/CVE-2022-1678
- https://anas.openanolis.cn/cves/detail/CVE-2022-1678
- https://anas.openanolis.cn/errata/detail/ANSA-2022:0143
- https://anas.openanolis.cn/errata/detail/ANSA-2022:0143
- https://bugzilla.openanolis.cn/show_bug.cgi?id=61
- https://bugzilla.openanolis.cn/show_bug.cgi?id=61
- https://gitee.com/anolis/cloud-kernel/commit/bed537da691b
- https://gitee.com/anolis/cloud-kernel/commit/bed537da691b
- https://github.com/torvalds/linux/commit/0a70f118475e037732557796accd0878a00fc25a
- https://github.com/torvalds/linux/commit/0a70f118475e037732557796accd0878a00fc25a
- https://lore.kernel.org/all/20200602080425.93712-1-kerneljasonxing%40gmail.com/
- https://lore.kernel.org/all/20200602080425.93712-1-kerneljasonxing%40gmail.com/
- https://security.netapp.com/advisory/ntap-20220715-0001/
- https://security.netapp.com/advisory/ntap-20220715-0001/
Closed bugs
сломан выбор кодировки по умолчанию
Package nvidia_glx_common updated to version 410.73-alt205 for branch sisyphus in task 216913.
Closed bugs
Version mismatch: nvidia.ko(390.87) nvidia-modeset.ko(410.73)
Package kde5-okular updated to version 18.04.3-alt3 for branch sisyphus in task 216918.
Closed bugs
Okular в памяти вырос до 250 мб