ALT Linux Team

Package kernel-image-std-def update in sisyphus on 2019-04-17

ALT-PU-2019-1666-1

Package kernel-image-std-def updated to version 4.19.35-alt1 for branch sisyphus in task 227269.

Closed vulnerabilities

Published: 2019-04-05

BDU:2019-02958

Уязвимость подсистемы виртуализации Kernel-based Virtual Machine (KVM) ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (5.6) Vector: AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
Severity: MEDIUM (4.4) Vector: AV:L/AC:M/Au:S/C:N/I:N/A:C
References:
Published: 2019-03-28

BDU:2020-01595

Уязвимость функции rds_tcp_kill_sock ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (8.1) Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL (9.3) Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
References:
Published: 2019-05-08
Modified: 2024-11-21

CVE-2019-11815

An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.

Severity: CRITICAL (9.3) Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Severity: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2019-04-09
Modified: 2024-11-21

CVE-2019-3887

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when 'virtualize x2APIC mode' is enabled. A guest could use this flaw to potentially crash the host kernel resulting in DoS issue. Kernel versions from 4.16 and newer are vulnerable to this issue.

Severity: MEDIUM (4.7) Vector: AV:L/AC:M/Au:N/C:N/I:N/A:C
Severity: MEDIUM (5.6) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.2
Back to top