ALT-BU-2019-3959-1
Branch sisyphus update bulletin.
Package kernel-image-mp updated to version 5.2.16-alt1 for branch sisyphus in task 237819.
Closed vulnerabilities
BDU:2019-03478
Уязвимость функции nbd_genl_status ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
BDU:2019-04676
Уязвимость ядра Linux, связанная с переполнения буфера виртуальной памяти, позволяющая нарушителю получить несанкционированный доступ к информации и нарушить ее целостность и доступность
BDU:2020-01488
Уязвимость компонента arch/powerpc/kernel/process.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность и доступность защищаемой информации
BDU:2020-01490
Уязвимость компонента arch/powerpc/kernel/process.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность и доступность защищаемой информации
BDU:2020-01862
Уязвимость функции в drivers/net/wireless/rsi/rsi_91x_usb.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-21
CVE-2019-14835
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- openSUSE-SU-2019:2181
- http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html
- http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en
- [oss-security] 20190924 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20190924 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191003 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191003 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- [oss-security] 20191009 Re: CVE-2019-14835: QEMU-KVM Guest to Host Kernel Escape Vulnerability: vhost/vhost_net kernel buffer overflow
- RHBA-2019:2824
- RHBA-2019:2824
- RHSA-2019:2827
- RHSA-2019:2827
- RHSA-2019:2828
- RHSA-2019:2828
- RHSA-2019:2829
- RHSA-2019:2829
- RHSA-2019:2830
- RHSA-2019:2830
- RHSA-2019:2854
- RHSA-2019:2854
- RHSA-2019:2862
- RHSA-2019:2862
- RHSA-2019:2863
- RHSA-2019:2863
- RHSA-2019:2864
- RHSA-2019:2864
- RHSA-2019:2865
- RHSA-2019:2865
- RHSA-2019:2866
- RHSA-2019:2866
- RHSA-2019:2867
- RHSA-2019:2867
- RHSA-2019:2869
- RHSA-2019:2869
- RHSA-2019:2889
- RHSA-2019:2889
- RHSA-2019:2899
- RHSA-2019:2899
- RHSA-2019:2900
- RHSA-2019:2900
- RHSA-2019:2901
- RHSA-2019:2901
- RHSA-2019:2924
- RHSA-2019:2924
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- [debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update
- [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update
- [debian-lts-announce] 20191001 [SECURITY] [DLA 1940-1] linux-4.9 security update
- FEDORA-2019-e3010166bd
- FEDORA-2019-e3010166bd
- FEDORA-2019-a570a92d5a
- FEDORA-2019-a570a92d5a
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- 20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)
- 20190925 [SECURITY] [DSA 4531-1] linux security update
- 20190925 [SECURITY] [DSA 4531-1] linux security update
- https://security.netapp.com/advisory/ntap-20191031-0005/
- https://security.netapp.com/advisory/ntap-20191031-0005/
- USN-4135-1
- USN-4135-1
- USN-4135-2
- USN-4135-2
- DSA-4531
- DSA-4531
- https://www.openwall.com/lists/oss-security/2019/09/17/1
- https://www.openwall.com/lists/oss-security/2019/09/17/1
Modified: 2024-11-21
CVE-2019-15030
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- openSUSE-SU-2019:2181
- http://www.openwall.com/lists/oss-security/2019/09/10/3
- http://www.openwall.com/lists/oss-security/2019/09/10/3
- RHSA-2020:0740
- RHSA-2020:0740
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8205d5d98ef7f155de211f5e2eb6ca03d95a5a60
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8205d5d98ef7f155de211f5e2eb6ca03d95a5a60
- https://security.netapp.com/advisory/ntap-20191004-0001/
- https://security.netapp.com/advisory/ntap-20191004-0001/
- USN-4135-1
- USN-4135-1
- USN-4135-2
- USN-4135-2
Modified: 2024-11-21
CVE-2019-15031
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2173
- openSUSE-SU-2019:2181
- openSUSE-SU-2019:2181
- http://www.openwall.com/lists/oss-security/2019/09/10/4
- http://www.openwall.com/lists/oss-security/2019/09/10/4
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a8318c13e79badb92bc6640704a64cc022a6eb97
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a8318c13e79badb92bc6640704a64cc022a6eb97
- https://security.netapp.com/advisory/ntap-20191004-0001/
- https://security.netapp.com/advisory/ntap-20191004-0001/
- USN-4135-1
- USN-4135-1
- USN-4135-2
- USN-4135-2
Modified: 2024-11-21
CVE-2019-15504
drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic (which may be remote via usbip or usbredir).
- FEDORA-2019-97380355ae
- FEDORA-2019-97380355ae
- FEDORA-2019-4c91a2f76e
- FEDORA-2019-4c91a2f76e
- https://lore.kernel.org/lkml/20190819220230.10597-1-benquike%40gmail.com/
- https://lore.kernel.org/lkml/20190819220230.10597-1-benquike%40gmail.com/
- https://security.netapp.com/advisory/ntap-20190905-0002/
- https://security.netapp.com/advisory/ntap-20190905-0002/
- https://support.f5.com/csp/article/K33554143
- https://support.f5.com/csp/article/K33554143
- https://support.f5.com/csp/article/K33554143?utm_source=f5support&%3Butm_medium=RSS
- https://support.f5.com/csp/article/K33554143?utm_source=f5support&%3Butm_medium=RSS
- USN-4157-1
- USN-4157-1
- USN-4157-2
- USN-4157-2
Modified: 2024-11-21
CVE-2019-16089
An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
- https://lore.kernel.org/patchwork/patch/1106884/
- https://lore.kernel.org/patchwork/patch/1106884/
- https://lore.kernel.org/patchwork/patch/1126650/
- https://lore.kernel.org/patchwork/patch/1126650/
- https://security.netapp.com/advisory/ntap-20191004-0001/
- https://security.netapp.com/advisory/ntap-20191004-0001/
- https://support.f5.com/csp/article/K03814795?utm_source=f5support&%3Butm_medium=RSS
- https://support.f5.com/csp/article/K03814795?utm_source=f5support&%3Butm_medium=RSS
- USN-4414-1
- USN-4414-1
- USN-4425-1
- USN-4425-1
- USN-4439-1
- USN-4439-1
- USN-4440-1
- USN-4440-1
Modified: 2024-11-21
CVE-2019-16714
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.
- [oss-security] 20190924 CVE-2019-16714: info leak in RDS rds6_inc_info_copy
- [oss-security] 20190924 CVE-2019-16714: info leak in RDS rds6_inc_info_copy
- [oss-security] 20190925 CVE-2019-16714: Linux kernel net/rds: info leak vulnerability in rds6_inc_info_copy
- [oss-security] 20190925 CVE-2019-16714: Linux kernel net/rds: info leak vulnerability in rds6_inc_info_copy
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.14
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.14
- https://github.com/torvalds/linux/commit/7d0a06586b2686ba80c4a2da5f91cb10ffbea736
- https://github.com/torvalds/linux/commit/7d0a06586b2686ba80c4a2da5f91cb10ffbea736
- https://security.netapp.com/advisory/ntap-20191031-0005/
- https://security.netapp.com/advisory/ntap-20191031-0005/
- https://support.f5.com/csp/article/K48351130?utm_source=f5support&%3Butm_medium=RSS
- https://support.f5.com/csp/article/K48351130?utm_source=f5support&%3Butm_medium=RSS
- USN-4157-1
- USN-4157-1
- USN-4157-2
- USN-4157-2
Closed vulnerabilities
BDU:2023-01974
Уязвимость функций stack_protect_prologue и stack_protect_epilogue набора компиляторов для различных языков программирования GNU Compiler Collection (GCC), позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Modified: 2024-11-21
CVE-2018-12886
stack_protect_prologue in cfgexpand.c and stack_protect_epilogue in function.c in GNU Compiler Collection (GCC) 4.1 through 8 (under certain circumstances) generate instruction sequences when targeting ARM targets that spill the address of the stack protector guard, which allows an attacker to bypass the protection of -fstack-protector, -fstack-protector-all, -fstack-protector-strong, and -fstack-protector-explicit against stack overflow by controlling what the stack canary is compared against.
Package nautilus-dropbox updated to version 2019.02.14-alt1 for branch sisyphus in task 237854.
Closed bugs
Обновить до версии 2019.02.14