ALT-BU-2019-3957-1
Branch p8 update bulletin.
Package kernel-image-un-def updated to version 4.19.73-alt0.M80P.1 for branch p8 in task 237599.
Closed vulnerabilities
BDU:2019-04676
Уязвимость ядра Linux, связанная с переполнения буфера виртуальной памяти, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность
BDU:2020-01342
Уязвимость функции SMB2_negotiate (fs/cifs/smb2pdu.c) ядра операционной системы Linux, позволяющая нарушителю выполнить произвольный код
BDU:2020-01488
Уязвимость компонента arch/powerpc/kernel/process.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность и доступность защищаемой информации
BDU:2020-01490
Уязвимость компонента arch/powerpc/kernel/process.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность и доступность защищаемой информации
Modified: 2024-11-21
CVE-2019-14835
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- openSUSE-SU-2019:2181
- http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html
- http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en
- [oss-security] 20190924 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20190924 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191003 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191003 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- RHBA-2019:2824
- RHBA-2019:2824
- RHSA-2019:2827
- RHSA-2019:2827
- RHSA-2019:2828
- RHSA-2019:2828
- RHSA-2019:2829
- RHSA-2019:2829
- RHSA-2019:2830
- RHSA-2019:2830
- RHSA-2019:2854
- RHSA-2019:2854
- RHSA-2019:2862
- RHSA-2019:2862
- RHSA-2019:2863
- RHSA-2019:2863
- RHSA-2019:2864
- RHSA-2019:2864
- RHSA-2019:2865
- RHSA-2019:2865
- RHSA-2019:2866
- RHSA-2019:2866
- RHSA-2019:2867
- RHSA-2019:2867
- RHSA-2019:2869
- RHSA-2019:2869
- RHSA-2019:2889
- RHSA-2019:2889
- RHSA-2019:2899
- RHSA-2019:2899
- RHSA-2019:2900
- RHSA-2019:2900
- RHSA-2019:2901
- RHSA-2019:2901
- RHSA-2019:2924
- RHSA-2019:2924
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update
- [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update
- FEDORA-2019-e3010166bd
- FEDORA-2019-e3010166bd
- FEDORA-2019-a570a92d5a
- FEDORA-2019-a570a92d5a
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- 20190925 [SECURITY] [DSA 4531-1] linux security update
- 20190925 [SECURITY] [DSA 4531-1] linux security update
- https://security.netapp.com/advisory/ntap-20191031-0005/
- https://security.netapp.com/advisory/ntap-20191031-0005/
- USN-4135-1
- USN-4135-1
- USN-4135-2
- USN-4135-2
- DSA-4531
- DSA-4531
- https://www.openwall.com/lists/oss-security/2019/09/17/1
- https://www.openwall.com/lists/oss-security/2019/09/17/1
Modified: 2024-11-21
CVE-2019-15030
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- openSUSE-SU-2019:2181
- http://www.openwall.com/lists/oss-security/2019/09/10/3
- http://www.openwall.com/lists/oss-security/2019/09/10/3
- RHSA-2020:0740
- RHSA-2020:0740
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8205d5d98ef7f155de211f5e2eb6ca03d95a5a60
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8205d5d98ef7f155de211f5e2eb6ca03d95a5a60
- https://security.netapp.com/advisory/ntap-20191004-0001/
- https://security.netapp.com/advisory/ntap-20191004-0001/
- USN-4135-1
- USN-4135-1
- USN-4135-2
- USN-4135-2
Modified: 2024-11-21
CVE-2019-15031
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- openSUSE-SU-2019:2181
- http://www.openwall.com/lists/oss-security/2019/09/10/4
- http://www.openwall.com/lists/oss-security/2019/09/10/4
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a8318c13e79badb92bc6640704a64cc022a6eb97
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a8318c13e79badb92bc6640704a64cc022a6eb97
- https://security.netapp.com/advisory/ntap-20191004-0001/
- https://security.netapp.com/advisory/ntap-20191004-0001/
- USN-4135-1
- USN-4135-1
- USN-4135-2
- USN-4135-2
Modified: 2024-11-21
CVE-2019-15918
An issue was discovered in the Linux kernel before 5.0.10. SMB2_negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21.
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10
- https://github.com/torvalds/linux/commit/b57a55e2200ede754e4dc9cce4ba9402544b9365
- https://github.com/torvalds/linux/commit/b57a55e2200ede754e4dc9cce4ba9402544b9365
- https://security.netapp.com/advisory/ntap-20191004-0001/
- https://security.netapp.com/advisory/ntap-20191004-0001/
- USN-4162-1
- USN-4162-1
- USN-4162-2
- USN-4162-2