Vulnerabilities > CVE-2019-0155

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
redhat
intel
canonical
nessus

Summary

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vulnerable Configurations

Part Description Count
OS
Redhat
3
OS
Intel
352
OS
Canonical
1
Application
Intel
50
Hardware
Intel
352

Nessus

  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4186-1.NASL
    descriptionStephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207) It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154) Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098) It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-16746) Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052) Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053) Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054) Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055) Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056) Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666) Maddie Stone discovered that the Binder IPC Driver implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-2215). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-18
    modified2019-11-13
    plugin id130966
    published2019-11-13
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130966
    titleUbuntu 16.04 LTS : linux, linux-aws, linux-kvm vulnerabilities (USN-4186-1)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Ubuntu Security Notice USN-4186-1. The text 
    # itself is copyright (C) Canonical, Inc. See 
    # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
    # trademark of Canonical, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(130966);
      script_version("1.5");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24");
    
      script_cve_id("CVE-2018-12207", "CVE-2019-0154", "CVE-2019-0155", "CVE-2019-11135", "CVE-2019-15098", "CVE-2019-16746", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17666", "CVE-2019-2215");
      script_xref(name:"USN", value:"4186-1");
    
      script_name(english:"Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm vulnerabilities (USN-4186-1)");
      script_summary(english:"Checks dpkg output for updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Ubuntu host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro
    Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi
    Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van
    Bulck discovered that Intel processors using Transactional
    Synchronization Extensions (TSX) could expose memory contents
    previously stored in microarchitectural buffers to a malicious process
    that is executing on the same CPU core. A local attacker could use
    this to expose sensitive information. (CVE-2019-11135)
    
    It was discovered that the Intel i915 graphics chipsets allowed
    userspace to modify page table entries via writes to MMIO from the
    Blitter Command Streamer and expose kernel memory information. A local
    attacker could use this to expose sensitive information or possibly
    elevate privileges. (CVE-2019-0155)
    
    Deepak Gupta discovered that on certain Intel processors, the Linux
    kernel did not properly perform invalidation on page table updates by
    virtual guest operating systems. A local attacker in a guest VM could
    use this to cause a denial of service (host system crash).
    (CVE-2018-12207)
    
    It was discovered that the Intel i915 graphics chipsets could cause a
    system hang when userspace performed a read from GT memory mapped
    input output (MMIO) when the product is in certain low power states. A
    local attacker could use this to cause a denial of service.
    (CVE-2019-0154)
    
    Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver
    for the Linux kernel did not properly validate endpoint descriptors
    returned by the device. A physically proximate attacker could use this
    to cause a denial of service (system crash). (CVE-2019-15098)
    
    It was discovered that a buffer overflow existed in the 802.11 Wi-Fi
    configuration interface for the Linux kernel when handling beacon
    settings. A local attacker could use this to cause a denial of service
    (system crash) or possibly execute arbitrary code. (CVE-2019-16746)
    
    Ori Nimron discovered that the AX25 network protocol implementation in
    the Linux kernel did not properly perform permissions checks. A local
    attacker could use this to create a raw socket. (CVE-2019-17052)
    
    Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network
    protocol implementation in the Linux kernel did not properly perform
    permissions checks. A local attacker could use this to create a raw
    socket. (CVE-2019-17053)
    
    Ori Nimron discovered that the Appletalk network protocol
    implementation in the Linux kernel did not properly perform
    permissions checks. A local attacker could use this to create a raw
    socket. (CVE-2019-17054)
    
    Ori Nimron discovered that the modular ISDN network protocol
    implementation in the Linux kernel did not properly perform
    permissions checks. A local attacker could use this to create a raw
    socket. (CVE-2019-17055)
    
    Ori Nimron discovered that the Near field Communication (NFC) network
    protocol implementation in the Linux kernel did not properly perform
    permissions checks. A local attacker could use this to create a raw
    socket. (CVE-2019-17056)
    
    Nico Waisman discovered that a buffer overflow existed in the Realtek
    Wi-Fi driver for the Linux kernel when handling Notice of Absence
    frames. A physically proximate attacker could use this to cause a
    denial of service (system crash) or possibly execute arbitrary code.
    (CVE-2019-17666)
    
    Maddie Stone discovered that the Binder IPC Driver implementation in
    the Linux kernel contained a use-after-free vulnerability. A local
    attacker could use this to cause a denial of service (system crash) or
    possibly execute arbitrary code. (CVE-2019-2215).
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Ubuntu security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://usn.ubuntu.com/4186-1/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-17666");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'Android Binder Use-After-Free Exploit');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-aws");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-generic-lpae");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-kvm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.4-lowlatency");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-aws");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-kvm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-lowlatency");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-virtual");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/11/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/11/13");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Ubuntu Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("ubuntu.inc");
    include("ksplice.inc");
    
    if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/Ubuntu/release");
    if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
    release = chomp(release);
    if (! preg(pattern:"^(16\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04", "Ubuntu " + release);
    if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2018-12207", "CVE-2019-0154", "CVE-2019-0155", "CVE-2019-11135", "CVE-2019-15098", "CVE-2019-16746", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17666", "CVE-2019-2215");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-4186-1");
      }
      else
      {
        _ubuntu_report = ksplice_reporting_text();
      }
    }
    
    flag = 0;
    
    if (ubuntu_check(osver:"16.04", pkgname:"linux-image-4.4.0-1062-kvm", pkgver:"4.4.0-1062.69")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"linux-image-4.4.0-1098-aws", pkgver:"4.4.0-1098.109")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"linux-image-4.4.0-168-generic", pkgver:"4.4.0-168.197")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"linux-image-4.4.0-168-generic-lpae", pkgver:"4.4.0-168.197")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"linux-image-4.4.0-168-lowlatency", pkgver:"4.4.0-168.197")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"linux-image-aws", pkgver:"4.4.0.1098.102")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"linux-image-generic", pkgver:"4.4.0.168.176")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"linux-image-generic-lpae", pkgver:"4.4.0.168.176")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"linux-image-kvm", pkgver:"4.4.0.1062.62")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"linux-image-lowlatency", pkgver:"4.4.0.168.176")) flag++;
    if (ubuntu_check(osver:"16.04", pkgname:"linux-image-virtual", pkgver:"4.4.0.168.176")) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : ubuntu_report_get()
      );
      exit(0);
    }
    else
    {
      tested = ubuntu_pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-4.4-aws / linux-image-4.4-generic / etc");
    }
    
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-3871.NASL
    descriptionFrom Red Hat Security Advisory 2019:3871 : An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131273
    published2019-11-25
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131273
    titleOracle Linux 8 : kernel (ELSA-2019-3871)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4183-1.NASL
    descriptionStephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207) It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154) Jann Horn discovered a reference count underflow in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15791) Jann Horn discovered a type confusion vulnerability in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15792) Jann Horn discovered that the shiftfs implementation in the Linux kernel did not use the correct file system uid/gid when the user namespace of a lower file system is not in the init user namespace. A local attacker could use this to possibly bypass DAC permissions or have some other unspecified impact. (CVE-2019-15793) It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-16746) Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id130963
    published2019-11-13
    reporterUbuntu Security Notice (C) 2019 Canonical, Inc. / NASL script (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130963
    titleUbuntu 19.10 : linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oracle, (USN-4183-1)
  • NASL familyVirtuozzo Local Security Checks
    NASL idVIRTUOZZO_VZA-2019-089.NASL
    descriptionAccording to the versions of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - hw: Machine Check Error on Page Size Change (IFU) - hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write - Kernel: vhost_net: infinite loop while receiving packets leads to DoS - Kernel: vhost-net: guest to host kernel escape during migration - hw: Intel GPU Denial Of Service while accessing MMIO in lower power state - hw: TSX Transaction Asynchronous Abort (TAA) Note that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id131227
    published2019-11-22
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131227
    titleVirtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2019-089)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2946-1.NASL
    descriptionThe SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7023735 CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described
    last seen2020-06-01
    modified2020-06-02
    plugin id130946
    published2019-11-13
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130946
    titleSUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:2946-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3873.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131003
    published2019-11-14
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131003
    titleRHEL 7 : kernel (RHSA-2019:3873)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1112.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.Security Fix(es):** DISPUTED ** In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because the code path is unreachable.(CVE-2014-3180)A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system.(CVE-2019-14901)A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP.(CVE-2019-14896)A memory leak in the ath10k_usb_hif_tx_sg() function in driverset/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-b8d17e7d93d2.(CVE-2019-19078)A memory leak in the mlx5_fpga_conn_create_cq() function in driverset/ethernet/mellanox/mlx5/core/fpga/conn.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures, aka CID-c8c2a057fdc7.(CVE-2019-19045)A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA.(CVE-2019-14897)An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel
    last seen2020-05-06
    modified2020-02-24
    plugin id133913
    published2020-02-24
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133913
    titleEulerOS 2.0 SP5 : kernel (EulerOS-SA-2020-1112)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2020-0008_KERNEL-RT.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected by multiple vulnerabilities: - Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access. (CVE-2019-0154) - Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2019-0155) - The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions. (CVE-2019-9500) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id133076
    published2020-01-20
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133076
    titleNewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2020-0008)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-1689D3FE07.NASL
    descriptionThe 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id130919
    published2019-11-13
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130919
    titleFedora 30 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-1689d3fe07)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1396.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: A third-party software maintainer states that the work queue allocation is happening during device initialization, which for a graphics card occurs during boot. It is not attacker controllable and OOM at that time is highly unlikely.(CVE-2019-16230) - In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).(CVE-2019-19768) - A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessible to the L2 guest.(CVE-2020-2732) - There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.(CVE-2020-8647) - There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.(CVE-2020-8648) - There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.(CVE-2020-8649) - ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.(CVE-2020-8992) - An issue was discovered in the Linux kernel through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2.(CVE-2020-9383) - In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because the code path is unreachable.(CVE-2014-3180) - A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_existing function is called after a STA connects to an AP.(CVE-2019-14896) - A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to cause a denial of service (system crash) or, possibly execute arbitrary code, when a STA works in IBSS mode (allows connecting stations together without the use of an AP) and connects to another STA.(CVE-2019-14897) - An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel
    last seen2020-05-06
    modified2020-04-15
    plugin id135525
    published2020-04-15
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/135525
    titleEulerOS 2.0 SP3 : kernel (EulerOS-SA-2020-1396)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-3878.NASL
    descriptionFrom Red Hat Security Advisory 2019:3878 : An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131112
    published2019-11-18
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131112
    titleOracle Linux 6 : kernel (ELSA-2019-3878)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2020-0002_KERNEL.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. (CVE-2018-12207) - Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access. (CVE-2019-0154) - Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2019-0155) - TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11135) - The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions. (CVE-2019-9500) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id133072
    published2020-01-20
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133072
    titleNewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2020-0002)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4185-3.NASL
    descriptionUSN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update addresses both issues. We apologize for the inconvenience. Original advisory details : Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207) It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154) Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098) Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052) Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053) Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054) Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055) Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056) Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id131013
    published2019-11-14
    reporterUbuntu Security Notice (C) 2019 Canonical, Inc. / NASL script (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131013
    titleUbuntu 16.04 LTS / 18.04 LTS : linux, linux-hwe, linux-oem vulnerability and regression (USN-4185-3)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3889.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131052
    published2019-11-15
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131052
    titleRHEL 7 : kernel (RHSA-2019:3889)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2019-320-01.NASL
    descriptionNew kernel packages are available for Slackware 14.2 to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id131114
    published2019-11-18
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131114
    titleSlackware 14.2 : Slackware 14.2 kernel (SSA:2019-320-01)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3871.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131001
    published2019-11-14
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131001
    titleRHEL 8 : kernel (RHSA-2019:3871)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3887.NASL
    descriptionAn update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : * hardware: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131050
    published2019-11-15
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131050
    titleRHEL 7 : kernel-rt (RHSA-2019:3887)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4183-2.NASL
    descriptionUSN-4183-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. This update addresses the issue. We apologize for the inconvenience. Original advisory details : Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207) It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154) Jann Horn discovered a reference count underflow in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15791) Jann Horn discovered a type confusion vulnerability in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15792) Jann Horn discovered that the shiftfs implementation in the Linux kernel did not use the correct file system uid/gid when the user namespace of a lower file system is not in the init user namespace. A local attacker could use this to possibly bypass DAC permissions or have some other unspecified impact. (CVE-2019-15793) It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-16746) Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id131011
    published2019-11-14
    reporterUbuntu Security Notice (C) 2019 Canonical, Inc. / NASL script (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131011
    titleUbuntu 19.10 : linux vulnerability (USN-4183-2)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4186-3.NASL
    descriptionUSN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. This update addresses the issue. We apologize for the inconvenience. Original advisory details : Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207) It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154) Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098) It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-16746) Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052) Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053) Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054) Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055) Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056) Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666) Maddie Stone discovered that the Binder IPC Driver implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-2215). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-03-18
    modified2019-11-14
    plugin id131014
    published2019-11-14
    reporterUbuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131014
    titleUbuntu 16.04 LTS : linux vulnerability (USN-4186-3)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2020-0021_KERNEL.NASL
    descriptionThe remote NewStart CGSL host, running version MAIN 4.05, has kernel packages installed that are affected by multiple vulnerabilities: - The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service (uninitialized-memory free and kernel crash) or have unspecified other impact by executing a crafted sequence of system calls that use the blkcipher_walk API. Both the generic implementation (crypto/salsa20_generic.c) and x86 implementation (arch/x86/crypto/salsa20_glue.c) of Salsa20 were vulnerable. (CVE-2017-17805) - Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. (CVE-2018-12207) - An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel task stack contents. (CVE-2018-17972) - In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-113509306. References: Upstream kernel. (CVE-2018-9568) - Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access. (CVE-2019-0154) - Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access. (CVE-2019-0155) - TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11135) - An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka
    last seen2020-03-18
    modified2020-03-08
    plugin id134312
    published2020-03-08
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134312
    titleNewStart CGSL MAIN 4.05 : kernel Multiple Vulnerabilities (NS-SA-2020-0021)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-3200-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-19081: Fixed a memory leak in the nfp_flower_spawn_vnic_reprs() could have allowed attackers to cause a denial of service (bsc#1157045). CVE-2019-19080: Fixed four memory leaks in the nfp_flower_spawn_phy_reprs() could have allowed attackers to cause a denial of service (bsc#1157044). CVE-2019-19052: Fixed a memory leak in the gs_can_open() which could have led to denial of service (bsc#1157324). CVE-2019-19067: Fixed multiple memory leaks in acp_hw_init (bsc#1157180). CVE-2019-19060: Fixed a memory leak in the adis_update_scan_mode() which could have led to denial of service (bsc#1157178). CVE-2019-19049: Fixed a memory leak in unittest_data_add (bsc#1157173). CVE-2019-19075: Fixed a memory leak in the ca8210_probe() which could have led to denial of service by triggering ca8210_get_platform_data() failures (bsc#1157162). CVE-2019-19058: Fixed a memory leak in the alloc_sgtable() which could have led to denial of service by triggering alloc_page() failures (bsc#1157145). CVE-2019-19074: Fixed a memory leak in the ath9k_wmi_cmd() function which could have led to denial of service (bsc#1157143). CVE-2019-19073: Fixed multiple memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c which could have led to denial of service by triggering wait_for_completion_timeout() failures (bsc#1157070). CVE-2019-19083: Fixed multiple memory leaks in *clock_source_create() functions which could have led to denial of service (bsc#1157049). CVE-2019-19082: Fixed multiple memory leaks in *create_resource_pool() which could have led to denial of service (bsc#1157046). CVE-2019-15916: Fixed a memory leak in register_queue_kobjects() which might have led denial of service (bsc#1149448). CVE-2019-0154: Fixed an improper access control in subsystem for Intel (R) processor graphics whichs may have allowed an authenticated user to potentially enable denial of service via local access (bsc#1135966). CVE-2019-0155: Fixed an improper access control in subsystem for Intel (R) processor graphics whichs may have allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135967). CVE-2019-16231: Fixed a NULL pointer dereference due to lack of checking the alloc_workqueue return value (bsc#1150466). CVE-2019-18805: Fixed an integer overflow in tcp_ack_update_rtt() leading to a denial of service or possibly unspecified other impact (bsc#1156187). CVE-2019-17055: Enforced CAP_NET_RAW in the AF_ISDN network module to restrict unprivileged users to create a raw socket (bsc#1152782). CVE-2019-16995: Fixed a memory leak in hsr_dev_finalize() which may have caused denial of service (bsc#1152685). CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150457). CVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903) CVE-2019-17666: rtlwifi: Fix potential overflow in P2P code (bsc#1154372). CVE-2019-17056: The AF_NFC network module did not enforce CAP_NET_RAW, which meant that unprivileged users could create a raw socket (bsc#1152788). CVE-2019-14821: An out-of-bounds access issue was fixed in the kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id131833
    published2019-12-09
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131833
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2019:3200-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3883.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131049
    published2019-11-15
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131049
    titleRHEL 7 : kernel (RHSA-2019:3883)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20191114_KERNEL_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155)
    last seen2020-03-18
    modified2019-11-15
    plugin id131056
    published2019-11-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131056
    titleScientific Linux Security Update : kernel on SL7.x x86_64 (20191114)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3870.NASL
    descriptionAn update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131000
    published2019-11-14
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131000
    titleRHEL 8 : kernel-rt (RHSA-2019:3870)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4184-1.NASL
    descriptionStephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207) It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154) Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098) Jann Horn discovered a reference count underflow in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15791) Jann Horn discovered a type confusion vulnerability in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15792) Jann Horn discovered that the shiftfs implementation in the Linux kernel did not use the correct file system uid/gid when the user namespace of a lower file system is not in the init user namespace. A local attacker could use this to possibly bypass DAC permissions or have some other unspecified impact. (CVE-2019-15793) Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052) Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053) Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054) Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055) Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056) Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id130964
    published2019-11-13
    reporterUbuntu Security Notice (C) 2019 Canonical, Inc. / NASL script (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130964
    titleUbuntu 18.04 LTS / 19.04 : linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, (USN-4184-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3878.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131005
    published2019-11-14
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131005
    titleRHEL 6 : kernel (RHSA-2019:3878)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-0093-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-20095: mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c had some error-handling cases that did not free allocated hostcmd memory. This will cause a memory leak and denial of service (bnc#1159909). CVE-2019-20054: Fixed a a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links (bnc#1159910). CVE-2019-20096: Fixed a memory leak in __feat_register_sp() in net/dccp/feat.c, which may cause denial of service (bnc#1159908). CVE-2019-19966: Fixed a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service (bnc#1159841). CVE-2019-19447: Mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c (bnc#1158819). CVE-2019-19319: A setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call (bnc#1158021). CVE-2019-19767: Fixed mishandling of ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c (bnc#1159297). CVE-2019-18808: A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ccp-ops.c allowed attackers to cause a denial of service (memory consumption) (bnc#1156259). CVE-2019-16746: An issue was discovered in net/wireless/nl80211.c where the length of variable elements in a beacon head were not checked, leading to a buffer overflow (bnc#1152107). CVE-2019-19066: A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c allowed attackers to cause a denial of service (memory consumption) by triggering bfa_port_get_stats() failures (bnc#1157303). CVE-2019-19051: There was a memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1159024). CVE-2019-19338: There was an incomplete fix for Transaction Asynchronous Abort (TAA) (bnc#1158954). CVE-2019-19332: There was an OOB memory write via kvm_dev_ioctl_get_cpuid (bnc#1158827). CVE-2019-19537: There was a race condition bug that can be caused by a malicious USB device in the USB character device driver layer (bnc#1158904). CVE-2019-19535: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_fd.c driver (bnc#1158903). CVE-2019-19527: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (bnc#1158900). CVE-2019-19526: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver (bnc#1158893). CVE-2019-19533: There was an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver (bnc#1158834). CVE-2019-19532: There were multiple out-of-bounds write bugs that can be caused by a malicious USB device in the Linux kernel HID drivers (bnc#1158824). CVE-2019-19523: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79 (bnc#1158381 1158823 1158834). CVE-2019-15213: There was a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver (bnc#1146544). CVE-2019-19531: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver (bnc#1158445). CVE-2019-19543: There was a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c (bnc#1158427). CVE-2019-19525: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver (bnc#1158417). CVE-2019-19530: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver (bnc#1158410). CVE-2019-19536: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_pro.c driver (bnc#1158394). CVE-2019-19524: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver (bnc#1158413). CVE-2019-19528: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver (bnc#1158407). CVE-2019-19534: There was an info-leak bug that can be caused by a malicious USB device in the drivers/net/can/usb/peak_usb/pcan_usb_core.c driver (bnc#1158398). CVE-2019-19529: There was a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver (bnc#1158381). CVE-2019-14901: A heap overflow flaw was found in the Linux kernel in Marvell WiFi chip driver. The vulnerability allowed a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system (bnc#1157042). CVE-2019-14895: A heap-based buffer overflow was discovered in the Linux kernel in Marvell WiFi chip driver. The flaw could occur when the station attempts a connection negotiation during the handling of the remote devices country settings. This could have allowed the remote device to cause a denial of service (system crash) or possibly execute arbitrary code (bnc#1157158). CVE-2019-18660: The Linux kernel on powerpc allowed Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c (bnc#1157038). CVE-2019-18683: An issue was discovered in drivers/media/platform/vivid in the Linux kernel. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during streaming stopping in this driver (part of the V4L2 subsystem). These issues are caused by wrong mutex locking in vivid_stop_generating_vid_cap(), vivid_stop_generating_vid_out(), sdr_cap_stop_streaming(), and the corresponding kthreads. At least one of these race conditions leads to a use-after-free (bnc#1155897). CVE-2019-18809: A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1156258). CVE-2019-19046: A memory leak in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering ida_simple_get() failure (bnc#1157304). CVE-2019-19078: A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures (bnc#1157032). CVE-2019-19062: A memory leak in the crypto_report() function in crypto/crypto_user_base.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering crypto_report_alg() failures (bnc#1157333). CVE-2019-19057: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures (bnc#1157197). CVE-2019-19056: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures (bnc#1157197). CVE-2019-19068: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures (bnc#1157307). CVE-2019-19063: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157298). CVE-2019-19227: In the AppleTalk subsystem in the Linux kernel there was a potential NULL pointer dereference because register_snap_client may return NULL. This will lead to denial of service in net/appletalk/aarp.c and net/appletalk/ddp.c, as demonstrated by unregister_snap_client (bnc#1157678). CVE-2019-19081: A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157045). CVE-2019-19080: Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157044). CVE-2019-19065: A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures (bnc#1157191). CVE-2019-19077: A memory leak in the bnxt_re_create_srq() function in drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering copy to udata failures (bnc#1157171). CVE-2019-19052: A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures (bnc#1157324). CVE-2019-19067: Four memory leaks in the acp_hw_init() function in drivers/gpu/drm/amd/amdgpu/amdgpu_acp.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering mfd_add_hotplug_devices() or pm_genpd_add_device() failures (bsc#1157180). CVE-2019-19060: A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157178). CVE-2019-19049: A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures (bsc#1157173). CVE-2019-19075: A memory leak in the ca8210_probe() function in drivers/net/ieee802154/ca8210.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering ca8210_get_platform_data() failures (bnc#1157162). CVE-2019-19058: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) by triggering alloc_page() failures (bnc#1157145). CVE-2019-19074: A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157143). CVE-2019-19073: Fixed memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c allowed attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures (bnc#1157070). CVE-2019-19083: Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157049). CVE-2019-19082: Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel allowed attackers to cause a denial of service (memory consumption) (bnc#1157046). CVE-2019-15916: An issue was discovered in the Linux kernel There was a memory leak in register_queue_kobjects() in net/core/net-sysfs.c, which will cause denial of service (bnc#1149448). CVE-2019-0154: Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may have allowed an authenticated user to potentially enable denial of service via local access (bnc#1135966). CVE-2019-0155: Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may have allowed an authenticated user to potentially enable escalation of privilege via local access (bnc#1135967). CVE-2019-16231: drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150466). CVE-2019-18805: An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel There was a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact (bnc#1156187). CVE-2019-17055: base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket (bnc#1152782). CVE-2019-16995: In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d (bnc#1152685). CVE-2019-11135: TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access (bnc#1139073). CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150457). CVE-2018-12207: Improper invalidation for page table updates by a virtual guest operating system for multiple Intel(R) Processors may have allowed an authenticated user to potentially enable denial of service of the host system via local access (bnc#1117665). CVE-2019-10220: Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists (bnc#1144903). CVE-2019-17666: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (bnc#1154372). CVE-2019-16232: drivers/net/wireless/marvell/libertas/if_sdio.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150465). CVE-2019-16234: drivers/net/wireless/intel/iwlwifi/pcie/trans.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150452). CVE-2019-17133: cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c did not reject a long SSID IE, leading to a Buffer Overflow (bnc#1153158). CVE-2019-17056: llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176 (bnc#1152788). CVE-2019-14821: An out-of-bounds access issue was found in the way Linux kernel
    last seen2020-06-01
    modified2020-06-02
    plugin id132925
    published2020-01-15
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132925
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2020:0093-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-3295-1.NASL
    descriptionThe SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-15916: Fixed a memory leak in register_queue_kobjects() which might have led denial of service (bsc#1149448). CVE-2019-0154: Fixed an improper access control in subsystem for Intel (R) processor graphics whichs may have allowed an authenticated user to potentially enable denial of service via local access (bsc#1135966). CVE-2019-0155: Fixed an improper access control in subsystem for Intel (R) processor graphics whichs may have allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135967). CVE-2019-16231: Fixed a NULL pointer dereference due to lack of checking the alloc_workqueue return value (bsc#1150466). CVE-2019-18805: Fixed an integer overflow in tcp_ack_update_rtt() leading to a denial of service or possibly unspecified other impact (bsc#1156187). CVE-2019-17055: Enforced CAP_NET_RAW in the AF_ISDN network module to restrict unprivileged users to create a raw socket (bsc#1152782). CVE-2019-16995: Fixed a memory leak in hsr_dev_finalize() which may have caused denial of service (bsc#1152685). CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described
    last seen2020-06-01
    modified2020-06-02
    plugin id132071
    published2019-12-16
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132071
    titleSUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:3295-1)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-68D7F68507.NASL
    descriptionThe 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id130920
    published2019-11-13
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130920
    titleFedora 31 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-68d7f68507)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-0204.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207) * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) * Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900) * Kernel: page cache side channel attacks (CVE-2019-5489) * hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506) * kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net /wireless/marvell/mwifiex/ie.c (CVE-2019-10126) * kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816) * Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821) * kernel: heap overflow in marvell/mwifiex/tdls.c (CVE-2019-14901) * hw: Intel GPU Denial Of Service while accessing MMIO in lower power state (CVE-2019-0154) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * Backport TCP follow-up for small buffers (BZ#1739184) * TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170) * RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test (Marvell/Cavium/QLogic) (L3:) (BZ#1743548) * block: blk-mq improvement (BZ#1780567) * RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781111) * blk-mq: overwirte performance drops on real MQ device (BZ#1782183) * RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads to drain out system memory quickly. (BZ#1782705)
    last seen2020-06-01
    modified2020-06-02
    plugin id133221
    published2020-01-24
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/133221
    titleRHEL 8 : kernel (RHSA-2020:0204)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1990.NASL
    descriptionSeveral vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. CVE-2018-12207 It was discovered that on Intel CPUs supporting hardware virtualisation with Extended Page Tables (EPT), a guest VM may manipulate the memory management hardware to cause a Machine Check Error (MCE) and denial of service (hang or crash). The guest triggers this error by changing page tables without a TLB flush, so that both 4 KB and 2 MB entries for the same virtual address are loaded into the instruction TLB (iTLB). This update implements a mitigation in KVM that prevents guest VMs from loading 2 MB entries into the iTLB. This will reduce performance of guest VMs. Further information on the mitigation can be found at <https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/ multihit.html> or in the linux-doc-4.9 package. Intel
    last seen2020-06-01
    modified2020-06-02
    plugin id130979
    published2019-11-14
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130979
    titleDebian DLA-1990-1 : linux-4.9 security update
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2984-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7023735 CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port failed to add a port, which may have caused denial of service (bsc#1152685). CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described
    last seen2020-06-01
    modified2020-06-02
    plugin id131120
    published2019-11-18
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131120
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2019:2984-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4184-2.NASL
    descriptionUSN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update addresses both issues. We apologize for the inconvenience. Original advisory details : Stephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207) It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154) Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098) Jann Horn discovered a reference count underflow in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15791) Jann Horn discovered a type confusion vulnerability in the shiftfs implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15792) Jann Horn discovered that the shiftfs implementation in the Linux kernel did not use the correct file system uid/gid when the user namespace of a lower file system is not in the init user namespace. A local attacker could use this to possibly bypass DAC permissions or have some other unspecified impact. (CVE-2019-15793) Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052) Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053) Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054) Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055) Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056) Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id131012
    published2019-11-14
    reporterUbuntu Security Notice (C) 2019 Canonical, Inc. / NASL script (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131012
    titleUbuntu 18.04 LTS / 19.04 : linux, linux-hwe, linux-oem-osp1 vulnerability and regression (USN-4184-2)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-3878.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131034
    published2019-11-15
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131034
    titleCentOS 6 : kernel (CESA-2019:3878)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-7A3FC17778.NASL
    descriptionThe 5.3.11 stable kernel update contains a number of important security updates across the tree, including mitigations for the most recent hardware issues disclosed on Nov 12. ---- The 5.3.9 update contains a number of important fixes across the tree ---- Update to upstream 2.1-22. 20190618 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id130989
    published2019-11-14
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130989
    titleFedora 29 : 2:microcode_ctl / kernel / kernel-headers / kernel-tools (2019-7a3fc17778)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0266_KERNEL-RT.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by multiple vulnerabilities: - The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a
    last seen2020-06-01
    modified2020-06-02
    plugin id132499
    published2019-12-31
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132499
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0266)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-3872.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131033
    published2019-11-15
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131033
    titleCentOS 7 : kernel (CESA-2019:3872)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2507.NASL
    descriptionThe openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-0154: An unprotected read access to i915 registers has been fixed that could have been abused to facilitate a local denial-of-service attack. (bsc#1135966) - CVE-2019-0155: A privilege escalation vulnerability has been fixed in the i915 module that allowed batch buffers from user mode to gain super user privileges. (bsc#1135967) - CVE-2019-16231: drivers/net/fjes/fjes_main.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150466). - CVE-2019-18805: There was a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6 (bnc#1156187). - CVE-2019-17055: base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21 (bnc#1152782). - CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described
    last seen2020-06-01
    modified2020-06-02
    plugin id131061
    published2019-11-15
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131061
    titleopenSUSE Security Update : the Linux Kernel (openSUSE-2019-2507)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0264_KERNEL.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a
    last seen2020-06-01
    modified2020-06-02
    plugin id132490
    published2019-12-31
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132490
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0264)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4185-1.NASL
    descriptionStephan van Schaik, Alyssa Milburn, Sebastian Osterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207) It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154) Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098) Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052) Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053) Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054) Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055) Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056) Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id130965
    published2019-11-13
    reporterUbuntu Security Notice (C) 2019 Canonical, Inc. / NASL script (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130965
    titleUbuntu 16.04 LTS / 18.04 LTS : linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, (USN-4185-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2949-1.NASL
    descriptionThe SUSE Linux Enterprise 12-SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. The Linux Kernel kvm hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7023735 CVE-2019-16995: Fix a memory leak in hsr_dev_finalize() if hsr_add_port failed to add a port, which may have caused denial of service (bsc#1152685). CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described
    last seen2020-06-01
    modified2020-06-02
    plugin id130949
    published2019-11-13
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130949
    titleSUSE SLES12 Security Update : kernel (SUSE-SU-2019:2949-1)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20191114_KERNEL_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-03-18
    modified2019-11-15
    plugin id131055
    published2019-11-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131055
    titleScientific Linux Security Update : kernel on SL6.x i386/x86_64 (20191114)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3877.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131004
    published2019-11-14
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131004
    titleRHEL 7 : kernel (RHSA-2019:3877)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2948-1.NASL
    descriptionThe SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional. The Linux Kernel KVM hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7023735 - CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described
    last seen2020-06-01
    modified2020-06-02
    plugin id130948
    published2019-11-13
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130948
    titleSUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2019:2948-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3841.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, and Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207) * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * hw: Intel GPU Denial Of Service while accessing MMIO in lower power state (CVE-2019-0154) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id130933
    published2019-11-13
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130933
    titleRHEL 7 : kernel (RHSA-2019:3841)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-3872.NASL
    descriptionFrom Red Hat Security Advisory 2019:3872 : An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131111
    published2019-11-18
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131111
    titleOracle Linux 7 : kernel (ELSA-2019-3872)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-2503.NASL
    descriptionThe openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-0154: An unprotected read access to i915 registers has been fixed that could have been abused to facilitate a local denial-of-service attack. (bsc#1135966) - CVE-2019-0155: A privilege escalation vulnerability has been fixed in the i915 module that allowed batch buffers from user mode to gain super user privileges. (bsc#1135967) - CVE-2019-16231: drivers/net/fjes/fjes_main.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference (bnc#1150466). - CVE-2019-18805: There was a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6 (bnc#1156187). - CVE-2019-17055: base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module did not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21 (bnc#1152782). - CVE-2019-16995: A memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c, if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d (bnc#1152685). - CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described
    last seen2020-06-01
    modified2020-06-02
    plugin id131057
    published2019-11-15
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131057
    titleopenSUSE Security Update : the Linux Kernel (openSUSE-2019-2503)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3908.NASL
    descriptionAn update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131176
    published2019-11-21
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131176
    titleRHEL 6 : MRG (RHSA-2019:3908)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4564.NASL
    descriptionSeveral vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, or information leak. - CVE-2018-12207 It was discovered that on Intel CPUs supporting hardware virtualisation with Extended Page Tables (EPT), a guest VM may manipulate the memory management hardware to cause a Machine Check Error (MCE) and denial of service (hang or crash). The guest triggers this error by changing page tables without a TLB flush, so that both 4 KB and 2 MB entries for the same virtual address are loaded into the instruction TLB (iTLB). This update implements a mitigation in KVM that prevents guest VMs from loading 2 MB entries into the iTLB. This will reduce performance of guest VMs. Further information on the mitigation can be found at or in the linux-doc-4.9 or linux-doc-4.19 package. A qemu update adding support for the PSCHANGE_MC_NO feature, which allows to disable iTLB Multihit mitigations in nested hypervisors will be provided via DSA 4566-1. Intel
    last seen2020-06-01
    modified2020-06-02
    plugin id130982
    published2019-11-14
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/130982
    titleDebian DSA-4564-1 : linux - security update
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-3872.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id131002
    published2019-11-14
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131002
    titleRHEL 7 : kernel (RHSA-2019:3872)

Redhat

advisories
  • bugzilla
    id1724398
    titleCVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • commentkernel-rt-modules-extra is earlier than 0:4.18.0-147.0.3.rt24.95.el8_1
            ovaloval:com.redhat.rhsa:tst:20193870001
          • commentkernel-rt-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174008
        • AND
          • commentkernel-rt-modules is earlier than 0:4.18.0-147.0.3.rt24.95.el8_1
            ovaloval:com.redhat.rhsa:tst:20193870003
          • commentkernel-rt-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174020
        • AND
          • commentkernel-rt-devel is earlier than 0:4.18.0-147.0.3.rt24.95.el8_1
            ovaloval:com.redhat.rhsa:tst:20193870005
          • commentkernel-rt-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727012
        • AND
          • commentkernel-rt-debug-modules-extra is earlier than 0:4.18.0-147.0.3.rt24.95.el8_1
            ovaloval:com.redhat.rhsa:tst:20193870007
          • commentkernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174016
        • AND
          • commentkernel-rt-debug-modules is earlier than 0:4.18.0-147.0.3.rt24.95.el8_1
            ovaloval:com.redhat.rhsa:tst:20193870009
          • commentkernel-rt-debug-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174010
        • AND
          • commentkernel-rt-debug-devel is earlier than 0:4.18.0-147.0.3.rt24.95.el8_1
            ovaloval:com.redhat.rhsa:tst:20193870011
          • commentkernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727010
        • AND
          • commentkernel-rt-debug-core is earlier than 0:4.18.0-147.0.3.rt24.95.el8_1
            ovaloval:com.redhat.rhsa:tst:20193870013
          • commentkernel-rt-debug-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174022
        • AND
          • commentkernel-rt-debug is earlier than 0:4.18.0-147.0.3.rt24.95.el8_1
            ovaloval:com.redhat.rhsa:tst:20193870015
          • commentkernel-rt-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727014
        • AND
          • commentkernel-rt-core is earlier than 0:4.18.0-147.0.3.rt24.95.el8_1
            ovaloval:com.redhat.rhsa:tst:20193870017
          • commentkernel-rt-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174006
        • AND
          • commentkernel-rt is earlier than 0:4.18.0-147.0.3.rt24.95.el8_1
            ovaloval:com.redhat.rhsa:tst:20193870019
          • commentkernel-rt is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727006
        • AND
          • commentkernel-rt-kvm is earlier than 0:4.18.0-147.0.3.rt24.95.el8_1
            ovaloval:com.redhat.rhsa:tst:20193870021
          • commentkernel-rt-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212018
        • AND
          • commentkernel-rt-debug-kvm is earlier than 0:4.18.0-147.0.3.rt24.95.el8_1
            ovaloval:com.redhat.rhsa:tst:20193870023
          • commentkernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212020
    rhsa
    idRHSA-2019:3870
    released2019-11-13
    severityImportant
    titleRHSA-2019:3870: kernel-rt security update (Important)
  • bugzilla
    id1724398
    titleCVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • OR
        • commentkernel earlier than 0:4.18.0-147.0.3.el8_1 is currently running
          ovaloval:com.redhat.rhsa:tst:20193871051
        • commentkernel earlier than 0:4.18.0-147.0.3.el8_1 is set to boot up on next boot
          ovaloval:com.redhat.rhsa:tst:20193871052
      • OR
        • AND
          • commentkernel-tools-libs-devel is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871001
          • commentkernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678022
        • AND
          • commentkernel-doc is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871003
          • commentkernel-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842002
        • AND
          • commentkernel-abi-whitelists is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871005
          • commentkernel-abi-whitelists is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20131645022
        • AND
          • commentpython3-perf is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871007
          • commentpython3-perf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167024
        • AND
          • commentperf is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871009
          • commentperf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842006
        • AND
          • commentkernel-tools-libs is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871011
          • commentkernel-tools-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678016
        • AND
          • commentkernel-tools is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871013
          • commentkernel-tools is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678012
        • AND
          • commentkernel-modules-extra is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871015
          • commentkernel-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167016
        • AND
          • commentkernel-modules is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871017
          • commentkernel-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167044
        • AND
          • commentkernel-headers is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871019
          • commentkernel-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842010
        • AND
          • commentkernel-devel is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871021
          • commentkernel-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842016
        • AND
          • commentkernel-debug-modules-extra is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871023
          • commentkernel-debug-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167010
        • AND
          • commentkernel-debug-modules is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871025
          • commentkernel-debug-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167018
        • AND
          • commentkernel-debug-devel is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871027
          • commentkernel-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842008
        • AND
          • commentkernel-debug-core is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871029
          • commentkernel-debug-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167026
        • AND
          • commentkernel-debug is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871031
          • commentkernel-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842014
        • AND
          • commentkernel-cross-headers is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871033
          • commentkernel-cross-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167046
        • AND
          • commentkernel-core is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871035
          • commentkernel-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167036
        • AND
          • commentkernel is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871037
          • commentkernel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842012
        • AND
          • commentbpftool is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871039
          • commentbpftool is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20183083026
        • AND
          • commentkernel-zfcpdump-modules-extra is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871041
          • commentkernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167014
        • AND
          • commentkernel-zfcpdump-modules is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871043
          • commentkernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167020
        • AND
          • commentkernel-zfcpdump-devel is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871045
          • commentkernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167038
        • AND
          • commentkernel-zfcpdump-core is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871047
          • commentkernel-zfcpdump-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167006
        • AND
          • commentkernel-zfcpdump is earlier than 0:4.18.0-147.0.3.el8_1
            ovaloval:com.redhat.rhsa:tst:20193871049
          • commentkernel-zfcpdump is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167008
    rhsa
    idRHSA-2019:3871
    released2019-11-13
    severityImportant
    titleRHSA-2019:3871: kernel security update (Important)
  • bugzilla
    id1724398
    titleCVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • commentkernel earlier than 0:3.10.0-1062.4.3.el7 is currently running
          ovaloval:com.redhat.rhsa:tst:20193872033
        • commentkernel earlier than 0:3.10.0-1062.4.3.el7 is set to boot up on next boot
          ovaloval:com.redhat.rhsa:tst:20193872034
      • OR
        • AND
          • commentkernel-tools-libs-devel is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872001
          • commentkernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678022
        • AND
          • commentkernel-doc is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872003
          • commentkernel-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842002
        • AND
          • commentkernel-abi-whitelists is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872005
          • commentkernel-abi-whitelists is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20131645022
        • AND
          • commentpython-perf is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872007
          • commentpython-perf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111530024
        • AND
          • commentperf is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872009
          • commentperf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842006
        • AND
          • commentkernel-tools-libs is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872011
          • commentkernel-tools-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678016
        • AND
          • commentkernel-tools is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872013
          • commentkernel-tools is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678012
        • AND
          • commentkernel-headers is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872015
          • commentkernel-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842010
        • AND
          • commentkernel-devel is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872017
          • commentkernel-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842016
        • AND
          • commentkernel-debug-devel is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872019
          • commentkernel-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842008
        • AND
          • commentkernel-debug is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872021
          • commentkernel-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842014
        • AND
          • commentkernel is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872023
          • commentkernel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842012
        • AND
          • commentbpftool is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872025
          • commentbpftool is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20183083026
        • AND
          • commentkernel-bootwrapper is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872027
          • commentkernel-bootwrapper is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842018
        • AND
          • commentkernel-kdump-devel is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872029
          • commentkernel-kdump-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842022
        • AND
          • commentkernel-kdump is earlier than 0:3.10.0-1062.4.3.el7
            ovaloval:com.redhat.rhsa:tst:20193872031
          • commentkernel-kdump is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842020
    rhsa
    idRHSA-2019:3872
    released2019-11-13
    severityImportant
    titleRHSA-2019:3872: kernel security update (Important)
  • bugzilla
    id1724398
    titleCVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • commentkernel earlier than 0:2.6.32-754.24.3.el6 is currently running
          ovaloval:com.redhat.rhsa:tst:20193878027
        • commentkernel earlier than 0:2.6.32-754.24.3.el6 is set to boot up on next boot
          ovaloval:com.redhat.rhsa:tst:20193878028
      • OR
        • AND
          • commentkernel-firmware is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878001
          • commentkernel-firmware is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842004
        • AND
          • commentkernel-doc is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878003
          • commentkernel-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842002
        • AND
          • commentkernel-abi-whitelists is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878005
          • commentkernel-abi-whitelists is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20131645022
        • AND
          • commentperf is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878007
          • commentperf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842006
        • AND
          • commentkernel-headers is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878009
          • commentkernel-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842010
        • AND
          • commentkernel-devel is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878011
          • commentkernel-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842016
        • AND
          • commentkernel-debug-devel is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878013
          • commentkernel-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842008
        • AND
          • commentkernel-debug is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878015
          • commentkernel-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842014
        • AND
          • commentkernel is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878017
          • commentkernel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842012
        • AND
          • commentpython-perf is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878019
          • commentpython-perf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111530024
        • AND
          • commentkernel-bootwrapper is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878021
          • commentkernel-bootwrapper is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842018
        • AND
          • commentkernel-kdump-devel is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878023
          • commentkernel-kdump-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842022
        • AND
          • commentkernel-kdump is earlier than 0:2.6.32-754.24.3.el6
            ovaloval:com.redhat.rhsa:tst:20193878025
          • commentkernel-kdump is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842020
    rhsa
    idRHSA-2019:3878
    released2019-11-13
    severityImportant
    titleRHSA-2019:3878: kernel security update (Important)
  • bugzilla
    id1724398
    titleCVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentkernel-rt-doc is earlier than 0:3.10.0-1062.4.3.rt56.1029.el7
            ovaloval:com.redhat.rhsa:tst:20193887001
          • commentkernel-rt-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727002
        • AND
          • commentkernel-rt-trace-devel is earlier than 0:3.10.0-1062.4.3.rt56.1029.el7
            ovaloval:com.redhat.rhsa:tst:20193887003
          • commentkernel-rt-trace-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727004
        • AND
          • commentkernel-rt-trace is earlier than 0:3.10.0-1062.4.3.rt56.1029.el7
            ovaloval:com.redhat.rhsa:tst:20193887005
          • commentkernel-rt-trace is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727008
        • AND
          • commentkernel-rt-devel is earlier than 0:3.10.0-1062.4.3.rt56.1029.el7
            ovaloval:com.redhat.rhsa:tst:20193887007
          • commentkernel-rt-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727012
        • AND
          • commentkernel-rt-debug-devel is earlier than 0:3.10.0-1062.4.3.rt56.1029.el7
            ovaloval:com.redhat.rhsa:tst:20193887009
          • commentkernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727010
        • AND
          • commentkernel-rt-debug is earlier than 0:3.10.0-1062.4.3.rt56.1029.el7
            ovaloval:com.redhat.rhsa:tst:20193887011
          • commentkernel-rt-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727014
        • AND
          • commentkernel-rt is earlier than 0:3.10.0-1062.4.3.rt56.1029.el7
            ovaloval:com.redhat.rhsa:tst:20193887013
          • commentkernel-rt is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727006
        • AND
          • commentkernel-rt-trace-kvm is earlier than 0:3.10.0-1062.4.3.rt56.1029.el7
            ovaloval:com.redhat.rhsa:tst:20193887015
          • commentkernel-rt-trace-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212016
        • AND
          • commentkernel-rt-kvm is earlier than 0:3.10.0-1062.4.3.rt56.1029.el7
            ovaloval:com.redhat.rhsa:tst:20193887017
          • commentkernel-rt-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212018
        • AND
          • commentkernel-rt-debug-kvm is earlier than 0:3.10.0-1062.4.3.rt56.1029.el7
            ovaloval:com.redhat.rhsa:tst:20193887019
          • commentkernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212020
    rhsa
    idRHSA-2019:3887
    released2019-11-14
    severityImportant
    titleRHSA-2019:3887: kernel-rt security update (Important)
  • rhsa
    idRHSA-2019:3841
  • rhsa
    idRHSA-2019:3889
  • rhsa
    idRHSA-2019:3908
  • rhsa
    idRHSA-2020:0204
rpms
  • kernel-0:3.10.0-327.82.2.el7
  • kernel-abi-whitelists-0:3.10.0-327.82.2.el7
  • kernel-debug-0:3.10.0-327.82.2.el7
  • kernel-debug-debuginfo-0:3.10.0-327.82.2.el7
  • kernel-debug-devel-0:3.10.0-327.82.2.el7
  • kernel-debuginfo-0:3.10.0-327.82.2.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-327.82.2.el7
  • kernel-devel-0:3.10.0-327.82.2.el7
  • kernel-doc-0:3.10.0-327.82.2.el7
  • kernel-headers-0:3.10.0-327.82.2.el7
  • kernel-tools-0:3.10.0-327.82.2.el7
  • kernel-tools-debuginfo-0:3.10.0-327.82.2.el7
  • kernel-tools-libs-0:3.10.0-327.82.2.el7
  • kernel-tools-libs-devel-0:3.10.0-327.82.2.el7
  • perf-0:3.10.0-327.82.2.el7
  • perf-debuginfo-0:3.10.0-327.82.2.el7
  • python-perf-0:3.10.0-327.82.2.el7
  • python-perf-debuginfo-0:3.10.0-327.82.2.el7
  • kernel-rt-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-core-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-debug-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-debug-core-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-debug-debuginfo-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-debug-devel-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-debug-kvm-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-debug-kvm-debuginfo-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-debug-modules-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-debug-modules-extra-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-debuginfo-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-debuginfo-common-x86_64-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-devel-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-kvm-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-kvm-debuginfo-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-modules-0:4.18.0-147.0.3.rt24.95.el8_1
  • kernel-rt-modules-extra-0:4.18.0-147.0.3.rt24.95.el8_1
  • bpftool-0:4.18.0-147.0.3.el8_1
  • bpftool-debuginfo-0:4.18.0-147.0.3.el8_1
  • kernel-0:4.18.0-147.0.3.el8_1
  • kernel-abi-whitelists-0:4.18.0-147.0.3.el8_1
  • kernel-core-0:4.18.0-147.0.3.el8_1
  • kernel-cross-headers-0:4.18.0-147.0.3.el8_1
  • kernel-debug-0:4.18.0-147.0.3.el8_1
  • kernel-debug-core-0:4.18.0-147.0.3.el8_1
  • kernel-debug-debuginfo-0:4.18.0-147.0.3.el8_1
  • kernel-debug-devel-0:4.18.0-147.0.3.el8_1
  • kernel-debug-modules-0:4.18.0-147.0.3.el8_1
  • kernel-debug-modules-extra-0:4.18.0-147.0.3.el8_1
  • kernel-debuginfo-0:4.18.0-147.0.3.el8_1
  • kernel-debuginfo-common-aarch64-0:4.18.0-147.0.3.el8_1
  • kernel-debuginfo-common-ppc64le-0:4.18.0-147.0.3.el8_1
  • kernel-debuginfo-common-s390x-0:4.18.0-147.0.3.el8_1
  • kernel-debuginfo-common-x86_64-0:4.18.0-147.0.3.el8_1
  • kernel-devel-0:4.18.0-147.0.3.el8_1
  • kernel-doc-0:4.18.0-147.0.3.el8_1
  • kernel-headers-0:4.18.0-147.0.3.el8_1
  • kernel-modules-0:4.18.0-147.0.3.el8_1
  • kernel-modules-extra-0:4.18.0-147.0.3.el8_1
  • kernel-tools-0:4.18.0-147.0.3.el8_1
  • kernel-tools-debuginfo-0:4.18.0-147.0.3.el8_1
  • kernel-tools-libs-0:4.18.0-147.0.3.el8_1
  • kernel-tools-libs-devel-0:4.18.0-147.0.3.el8_1
  • kernel-zfcpdump-0:4.18.0-147.0.3.el8_1
  • kernel-zfcpdump-core-0:4.18.0-147.0.3.el8_1
  • kernel-zfcpdump-debuginfo-0:4.18.0-147.0.3.el8_1
  • kernel-zfcpdump-devel-0:4.18.0-147.0.3.el8_1
  • kernel-zfcpdump-modules-0:4.18.0-147.0.3.el8_1
  • kernel-zfcpdump-modules-extra-0:4.18.0-147.0.3.el8_1
  • perf-0:4.18.0-147.0.3.el8_1
  • perf-debuginfo-0:4.18.0-147.0.3.el8_1
  • python3-perf-0:4.18.0-147.0.3.el8_1
  • python3-perf-debuginfo-0:4.18.0-147.0.3.el8_1
  • bpftool-0:3.10.0-1062.4.3.el7
  • bpftool-debuginfo-0:3.10.0-1062.4.3.el7
  • kernel-0:3.10.0-1062.4.3.el7
  • kernel-abi-whitelists-0:3.10.0-1062.4.3.el7
  • kernel-bootwrapper-0:3.10.0-1062.4.3.el7
  • kernel-debug-0:3.10.0-1062.4.3.el7
  • kernel-debug-debuginfo-0:3.10.0-1062.4.3.el7
  • kernel-debug-devel-0:3.10.0-1062.4.3.el7
  • kernel-debuginfo-0:3.10.0-1062.4.3.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-1062.4.3.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-1062.4.3.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-1062.4.3.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-1062.4.3.el7
  • kernel-devel-0:3.10.0-1062.4.3.el7
  • kernel-doc-0:3.10.0-1062.4.3.el7
  • kernel-headers-0:3.10.0-1062.4.3.el7
  • kernel-kdump-0:3.10.0-1062.4.3.el7
  • kernel-kdump-debuginfo-0:3.10.0-1062.4.3.el7
  • kernel-kdump-devel-0:3.10.0-1062.4.3.el7
  • kernel-tools-0:3.10.0-1062.4.3.el7
  • kernel-tools-debuginfo-0:3.10.0-1062.4.3.el7
  • kernel-tools-libs-0:3.10.0-1062.4.3.el7
  • kernel-tools-libs-devel-0:3.10.0-1062.4.3.el7
  • perf-0:3.10.0-1062.4.3.el7
  • perf-debuginfo-0:3.10.0-1062.4.3.el7
  • python-perf-0:3.10.0-1062.4.3.el7
  • python-perf-debuginfo-0:3.10.0-1062.4.3.el7
  • bpftool-0:3.10.0-957.38.3.el7
  • kernel-0:3.10.0-957.38.3.el7
  • kernel-abi-whitelists-0:3.10.0-957.38.3.el7
  • kernel-bootwrapper-0:3.10.0-957.38.3.el7
  • kernel-debug-0:3.10.0-957.38.3.el7
  • kernel-debug-debuginfo-0:3.10.0-957.38.3.el7
  • kernel-debug-devel-0:3.10.0-957.38.3.el7
  • kernel-debuginfo-0:3.10.0-957.38.3.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-957.38.3.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-957.38.3.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-957.38.3.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-957.38.3.el7
  • kernel-devel-0:3.10.0-957.38.3.el7
  • kernel-doc-0:3.10.0-957.38.3.el7
  • kernel-headers-0:3.10.0-957.38.3.el7
  • kernel-kdump-0:3.10.0-957.38.3.el7
  • kernel-kdump-debuginfo-0:3.10.0-957.38.3.el7
  • kernel-kdump-devel-0:3.10.0-957.38.3.el7
  • kernel-tools-0:3.10.0-957.38.3.el7
  • kernel-tools-debuginfo-0:3.10.0-957.38.3.el7
  • kernel-tools-libs-0:3.10.0-957.38.3.el7
  • kernel-tools-libs-devel-0:3.10.0-957.38.3.el7
  • perf-0:3.10.0-957.38.3.el7
  • perf-debuginfo-0:3.10.0-957.38.3.el7
  • python-perf-0:3.10.0-957.38.3.el7
  • python-perf-debuginfo-0:3.10.0-957.38.3.el7
  • kernel-0:3.10.0-693.60.3.el7
  • kernel-abi-whitelists-0:3.10.0-693.60.3.el7
  • kernel-bootwrapper-0:3.10.0-693.60.3.el7
  • kernel-debug-0:3.10.0-693.60.3.el7
  • kernel-debug-debuginfo-0:3.10.0-693.60.3.el7
  • kernel-debug-devel-0:3.10.0-693.60.3.el7
  • kernel-debuginfo-0:3.10.0-693.60.3.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-693.60.3.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-693.60.3.el7
  • kernel-devel-0:3.10.0-693.60.3.el7
  • kernel-doc-0:3.10.0-693.60.3.el7
  • kernel-headers-0:3.10.0-693.60.3.el7
  • kernel-tools-0:3.10.0-693.60.3.el7
  • kernel-tools-debuginfo-0:3.10.0-693.60.3.el7
  • kernel-tools-libs-0:3.10.0-693.60.3.el7
  • kernel-tools-libs-devel-0:3.10.0-693.60.3.el7
  • perf-0:3.10.0-693.60.3.el7
  • perf-debuginfo-0:3.10.0-693.60.3.el7
  • python-perf-0:3.10.0-693.60.3.el7
  • python-perf-debuginfo-0:3.10.0-693.60.3.el7
  • kernel-0:2.6.32-754.24.3.el6
  • kernel-abi-whitelists-0:2.6.32-754.24.3.el6
  • kernel-bootwrapper-0:2.6.32-754.24.3.el6
  • kernel-debug-0:2.6.32-754.24.3.el6
  • kernel-debug-debuginfo-0:2.6.32-754.24.3.el6
  • kernel-debug-devel-0:2.6.32-754.24.3.el6
  • kernel-debuginfo-0:2.6.32-754.24.3.el6
  • kernel-debuginfo-common-i686-0:2.6.32-754.24.3.el6
  • kernel-debuginfo-common-ppc64-0:2.6.32-754.24.3.el6
  • kernel-debuginfo-common-s390x-0:2.6.32-754.24.3.el6
  • kernel-debuginfo-common-x86_64-0:2.6.32-754.24.3.el6
  • kernel-devel-0:2.6.32-754.24.3.el6
  • kernel-doc-0:2.6.32-754.24.3.el6
  • kernel-firmware-0:2.6.32-754.24.3.el6
  • kernel-headers-0:2.6.32-754.24.3.el6
  • kernel-kdump-0:2.6.32-754.24.3.el6
  • kernel-kdump-debuginfo-0:2.6.32-754.24.3.el6
  • kernel-kdump-devel-0:2.6.32-754.24.3.el6
  • perf-0:2.6.32-754.24.3.el6
  • perf-debuginfo-0:2.6.32-754.24.3.el6
  • python-perf-0:2.6.32-754.24.3.el6
  • python-perf-debuginfo-0:2.6.32-754.24.3.el6
  • kernel-0:3.10.0-514.70.3.el7
  • kernel-abi-whitelists-0:3.10.0-514.70.3.el7
  • kernel-bootwrapper-0:3.10.0-514.70.3.el7
  • kernel-debug-0:3.10.0-514.70.3.el7
  • kernel-debug-debuginfo-0:3.10.0-514.70.3.el7
  • kernel-debug-devel-0:3.10.0-514.70.3.el7
  • kernel-debuginfo-0:3.10.0-514.70.3.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-514.70.3.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-514.70.3.el7
  • kernel-devel-0:3.10.0-514.70.3.el7
  • kernel-doc-0:3.10.0-514.70.3.el7
  • kernel-headers-0:3.10.0-514.70.3.el7
  • kernel-tools-0:3.10.0-514.70.3.el7
  • kernel-tools-debuginfo-0:3.10.0-514.70.3.el7
  • kernel-tools-libs-0:3.10.0-514.70.3.el7
  • kernel-tools-libs-devel-0:3.10.0-514.70.3.el7
  • perf-0:3.10.0-514.70.3.el7
  • perf-debuginfo-0:3.10.0-514.70.3.el7
  • python-perf-0:3.10.0-514.70.3.el7
  • python-perf-debuginfo-0:3.10.0-514.70.3.el7
  • kernel-rt-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-debug-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-debug-debuginfo-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-debug-devel-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-debug-kvm-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-debuginfo-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-devel-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-doc-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-kvm-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-kvm-debuginfo-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-trace-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-trace-debuginfo-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-trace-devel-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-trace-kvm-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.4.3.rt56.1029.el7
  • kernel-0:3.10.0-862.43.3.el7
  • kernel-abi-whitelists-0:3.10.0-862.43.3.el7
  • kernel-bootwrapper-0:3.10.0-862.43.3.el7
  • kernel-debug-0:3.10.0-862.43.3.el7
  • kernel-debug-debuginfo-0:3.10.0-862.43.3.el7
  • kernel-debug-devel-0:3.10.0-862.43.3.el7
  • kernel-debuginfo-0:3.10.0-862.43.3.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-862.43.3.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-862.43.3.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-862.43.3.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-862.43.3.el7
  • kernel-devel-0:3.10.0-862.43.3.el7
  • kernel-doc-0:3.10.0-862.43.3.el7
  • kernel-headers-0:3.10.0-862.43.3.el7
  • kernel-kdump-0:3.10.0-862.43.3.el7
  • kernel-kdump-debuginfo-0:3.10.0-862.43.3.el7
  • kernel-kdump-devel-0:3.10.0-862.43.3.el7
  • kernel-tools-0:3.10.0-862.43.3.el7
  • kernel-tools-debuginfo-0:3.10.0-862.43.3.el7
  • kernel-tools-libs-0:3.10.0-862.43.3.el7
  • kernel-tools-libs-devel-0:3.10.0-862.43.3.el7
  • perf-0:3.10.0-862.43.3.el7
  • perf-debuginfo-0:3.10.0-862.43.3.el7
  • python-perf-0:3.10.0-862.43.3.el7
  • python-perf-debuginfo-0:3.10.0-862.43.3.el7
  • kernel-rt-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-debug-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-debug-debuginfo-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-debug-devel-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-debuginfo-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-devel-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-doc-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-firmware-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-trace-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-trace-debuginfo-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-trace-devel-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-vanilla-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-vanilla-debuginfo-1:3.10.0-693.60.3.rt56.655.el6rt
  • kernel-rt-vanilla-devel-1:3.10.0-693.60.3.rt56.655.el6rt
  • bpftool-0:4.18.0-80.15.1.el8_0
  • bpftool-debuginfo-0:4.18.0-80.15.1.el8_0
  • kernel-0:4.18.0-80.15.1.el8_0
  • kernel-abi-whitelists-0:4.18.0-80.15.1.el8_0
  • kernel-core-0:4.18.0-80.15.1.el8_0
  • kernel-cross-headers-0:4.18.0-80.15.1.el8_0
  • kernel-debug-0:4.18.0-80.15.1.el8_0
  • kernel-debug-core-0:4.18.0-80.15.1.el8_0
  • kernel-debug-debuginfo-0:4.18.0-80.15.1.el8_0
  • kernel-debug-devel-0:4.18.0-80.15.1.el8_0
  • kernel-debug-modules-0:4.18.0-80.15.1.el8_0
  • kernel-debug-modules-extra-0:4.18.0-80.15.1.el8_0
  • kernel-debuginfo-0:4.18.0-80.15.1.el8_0
  • kernel-debuginfo-common-aarch64-0:4.18.0-80.15.1.el8_0
  • kernel-debuginfo-common-ppc64le-0:4.18.0-80.15.1.el8_0
  • kernel-debuginfo-common-s390x-0:4.18.0-80.15.1.el8_0
  • kernel-debuginfo-common-x86_64-0:4.18.0-80.15.1.el8_0
  • kernel-devel-0:4.18.0-80.15.1.el8_0
  • kernel-doc-0:4.18.0-80.15.1.el8_0
  • kernel-headers-0:4.18.0-80.15.1.el8_0
  • kernel-modules-0:4.18.0-80.15.1.el8_0
  • kernel-modules-extra-0:4.18.0-80.15.1.el8_0
  • kernel-tools-0:4.18.0-80.15.1.el8_0
  • kernel-tools-debuginfo-0:4.18.0-80.15.1.el8_0
  • kernel-tools-libs-0:4.18.0-80.15.1.el8_0
  • kernel-zfcpdump-0:4.18.0-80.15.1.el8_0
  • kernel-zfcpdump-core-0:4.18.0-80.15.1.el8_0
  • kernel-zfcpdump-debuginfo-0:4.18.0-80.15.1.el8_0
  • kernel-zfcpdump-devel-0:4.18.0-80.15.1.el8_0
  • kernel-zfcpdump-modules-0:4.18.0-80.15.1.el8_0
  • kernel-zfcpdump-modules-extra-0:4.18.0-80.15.1.el8_0
  • perf-0:4.18.0-80.15.1.el8_0
  • perf-debuginfo-0:4.18.0-80.15.1.el8_0
  • python3-perf-0:4.18.0-80.15.1.el8_0
  • python3-perf-debuginfo-0:4.18.0-80.15.1.el8_0