ALT-BU-2019-3642-1
Branch p8 update bulletin.
Package kernel-image-un-def updated to version 4.19.40-alt0.M80P.1 for branch p8 in task 228959.
Closed vulnerabilities
BDU:2019-02763
Уязвимость в файлах fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, mm/hugetlb.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
BDU:2019-03629
Уязвимость драйвера vfio ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2019-04515
Уязвимость функции dwc3_pci_probe() (drivers/usb/dwc3/dwc3-pci.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2023-02534
Уязвимость функции pde_subdir_find() в модуле fs/proc/generic.c ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2019-10125
An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.
- 107655
- 107655
- https://patchwork.kernel.org/patch/10828359/
- https://patchwork.kernel.org/patch/10828359/
- https://security.netapp.com/advisory/ntap-20190411-0003/
- https://security.netapp.com/advisory/ntap-20190411-0003/
- https://support.f5.com/csp/article/K29215970
- https://support.f5.com/csp/article/K29215970
Modified: 2024-11-21
CVE-2019-11487
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.
- openSUSE-SU-2019:1570
- openSUSE-SU-2019:1570
- openSUSE-SU-2019:1571
- openSUSE-SU-2019:1571
- openSUSE-SU-2019:1579
- openSUSE-SU-2019:1579
- [oss-security] 20190429 Linux kernel: multiple issues
- [oss-security] 20190429 Linux kernel: multiple issues
- 108054
- 108054
- RHSA-2019:2703
- RHSA-2019:2703
- RHSA-2019:2741
- RHSA-2019:2741
- RHSA-2020:0174
- RHSA-2020:0174
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1752
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1752
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=15fab63e1e57be9fdb5eec1bbc5916e9825e9acb
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=15fab63e1e57be9fdb5eec1bbc5916e9825e9acb
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b3a707736301c2128ca85ce85fb13f60b5e350a
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b3a707736301c2128ca85ce85fb13f60b5e350a
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=88b1a17dfc3ed7728316478fae0f5ad508f50397
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=88b1a17dfc3ed7728316478fae0f5ad508f50397
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8fde12ca79aff9b5ba951fce1a2641901b8d8e64
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8fde12ca79aff9b5ba951fce1a2641901b8d8e64
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f958d7b528b1b40c44cfda5eabe2d82760d868c3
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f958d7b528b1b40c44cfda5eabe2d82760d868c3
- https://github.com/torvalds/linux/commit/15fab63e1e57be9fdb5eec1bbc5916e9825e9acb
- https://github.com/torvalds/linux/commit/15fab63e1e57be9fdb5eec1bbc5916e9825e9acb
- https://github.com/torvalds/linux/commit/6b3a707736301c2128ca85ce85fb13f60b5e350a
- https://github.com/torvalds/linux/commit/6b3a707736301c2128ca85ce85fb13f60b5e350a
- https://github.com/torvalds/linux/commit/88b1a17dfc3ed7728316478fae0f5ad508f50397
- https://github.com/torvalds/linux/commit/88b1a17dfc3ed7728316478fae0f5ad508f50397
- https://github.com/torvalds/linux/commit/8fde12ca79aff9b5ba951fce1a2641901b8d8e64
- https://github.com/torvalds/linux/commit/8fde12ca79aff9b5ba951fce1a2641901b8d8e64
- https://github.com/torvalds/linux/commit/f958d7b528b1b40c44cfda5eabe2d82760d868c3
- https://github.com/torvalds/linux/commit/f958d7b528b1b40c44cfda5eabe2d82760d868c3
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- https://lwn.net/Articles/786044/
- https://lwn.net/Articles/786044/
- https://security.netapp.com/advisory/ntap-20190517-0005/
- https://security.netapp.com/advisory/ntap-20190517-0005/
- https://support.f5.com/csp/article/K14255532
- https://support.f5.com/csp/article/K14255532
- USN-4069-1
- USN-4069-1
- USN-4069-2
- USN-4069-2
- USN-4115-1
- USN-4115-1
- USN-4118-1
- USN-4118-1
- USN-4145-1
- USN-4145-1
- https://www.oracle.com/security-alerts/cpuApr2021.html
- https://www.oracle.com/security-alerts/cpuApr2021.html
Modified: 2024-11-21
CVE-2019-15292
An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- openSUSE-SU-2019:2181
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.9
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.9
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6377f787aeb945cae7abbb6474798de129e1f3ac
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6377f787aeb945cae7abbb6474798de129e1f3ac
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- [debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- https://security.netapp.com/advisory/ntap-20190905-0002/
- https://security.netapp.com/advisory/ntap-20190905-0002/
- https://support.f5.com/csp/article/K27112954
- https://support.f5.com/csp/article/K27112954
- https://support.f5.com/csp/article/K27112954?utm_source=f5support&%3Butm_medium=RSS
- https://support.f5.com/csp/article/K27112954?utm_source=f5support&%3Butm_medium=RSS
- USN-4115-1
- USN-4115-1
- USN-4118-1
- USN-4118-1
Modified: 2024-11-21
CVE-2019-18805
An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.
- openSUSE-SU-2019:2503
- openSUSE-SU-2019:2503
- openSUSE-SU-2019:2507
- openSUSE-SU-2019:2507
- RHSA-2020:0740
- RHSA-2020:0740
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.11
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.11
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19fad20d15a6494f47f85d869f00b11343ee5c78
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19fad20d15a6494f47f85d869f00b11343ee5c78
- https://security.netapp.com/advisory/ntap-20191205-0001/
- https://security.netapp.com/advisory/ntap-20191205-0001/
Modified: 2024-11-21
CVE-2019-3882
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.
- openSUSE-SU-2019:1404
- openSUSE-SU-2019:1404
- openSUSE-SU-2019:1407
- openSUSE-SU-2019:1407
- openSUSE-SU-2019:1479
- openSUSE-SU-2019:1479
- RHSA-2019:2029
- RHSA-2019:2029
- RHSA-2019:2043
- RHSA-2019:2043
- RHSA-2019:3309
- RHSA-2019:3309
- RHSA-2019:3517
- RHSA-2019:3517
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3882
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3882
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update
- 20190813 [SECURITY] [DSA 4497-1] linux security update
- 20190813 [SECURITY] [DSA 4497-1] linux security update
- https://security.netapp.com/advisory/ntap-20190517-0005/
- https://security.netapp.com/advisory/ntap-20190517-0005/
- USN-3979-1
- USN-3979-1
- USN-3980-1
- USN-3980-1
- USN-3980-2
- USN-3980-2
- USN-3981-1
- USN-3981-1
- USN-3981-2
- USN-3981-2
- USN-3982-1
- USN-3982-1
- USN-3982-2
- USN-3982-2
- DSA-4497
- DSA-4497
Package lightdm-gtk-greeter-pd updated to version 2.0.1.8-alt0.M80P.1 for branch p8 in task 228010.
Closed bugs
greeter-hide-users=true скрывает вообще указание пользователя
Closed bugs
Error: You are missing the following 32-bit libraries, and Steam may not run: libnsl.so.1
Package kernel-image-std-debug updated to version 4.9.173-alt0.M80P.1 for branch p8 in task 228921.
Closed vulnerabilities
BDU:2019-03629
Уязвимость драйвера vfio ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2019-3882
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.
- openSUSE-SU-2019:1404
- openSUSE-SU-2019:1404
- openSUSE-SU-2019:1407
- openSUSE-SU-2019:1407
- openSUSE-SU-2019:1479
- openSUSE-SU-2019:1479
- RHSA-2019:2029
- RHSA-2019:2029
- RHSA-2019:2043
- RHSA-2019:2043
- RHSA-2019:3309
- RHSA-2019:3309
- RHSA-2019:3517
- RHSA-2019:3517
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3882
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3882
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-1] linux security update
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update
- [debian-lts-announce] 20190528 [SECURITY] [DLA 1799-2] linux security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update
- [debian-lts-announce] 20190814 [SECURITY] [DLA 1885-1] linux-4.9 security update
- 20190813 [SECURITY] [DSA 4497-1] linux security update
- 20190813 [SECURITY] [DSA 4497-1] linux security update
- https://security.netapp.com/advisory/ntap-20190517-0005/
- https://security.netapp.com/advisory/ntap-20190517-0005/
- USN-3979-1
- USN-3979-1
- USN-3980-1
- USN-3980-1
- USN-3980-2
- USN-3980-2
- USN-3981-1
- USN-3981-1
- USN-3981-2
- USN-3981-2
- USN-3982-1
- USN-3982-1
- USN-3982-2
- USN-3982-2
- DSA-4497
- DSA-4497