Vulnerabilities > CVE-2019-11811 - Use After Free vulnerability in multiple products

047910
CVSS 7.0 - HIGH
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
high complexity
linux
redhat
opensuse
CWE-416
nessus

Summary

An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.

Vulnerable Configurations

Part Description Count
OS
Linux
109
OS
Redhat
8
OS
Opensuse
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1971.NASL
    descriptionAn update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: DMA attack using peripheral devices (Thunderclap) (BZ#1690716) * kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c leading to denial of service (CVE-2018-20784) * kernel: a NULL pointer dereference in drivers/scsi/megaraid/ megaraid_sas_base.c leading to DoS (CVE-2019-11810) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * kernel-rt: update to the RHEL8.0.z batch#2 source tree (BZ#1717516)
    last seen2020-06-01
    modified2020-06-02
    plugin id127641
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127641
    titleRHEL 8 : kernel-rt (RHSA-2019:1971)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2019:1971. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(127641);
      script_version("1.5");
      script_cvs_date("Date: 2020/01/06");
    
      script_cve_id("CVE-2018-20784", "CVE-2019-11085", "CVE-2019-11810", "CVE-2019-11811");
      script_xref(name:"RHSA", value:"2019:1971");
    
      script_name(english:"RHEL 8 : kernel-rt (RHSA-2019:1971)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for kernel-rt is now available for Red Hat Enterprise Linux
    8.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The kernel-rt packages provide the Real Time Linux Kernel, which
    enables fine-tuning for systems with extremely high determinism
    requirements.
    
    Security Fix(es) :
    
    * kernel: insufficient input validation in kernel mode driver in Intel
    i915 graphics leads to privilege escalation (CVE-2019-11085)
    
    * kernel: DMA attack using peripheral devices (Thunderclap)
    (BZ#1690716)
    
    * kernel: infinite loop in update_blocked_averages() in
    kernel/sched/fair.c leading to denial of service (CVE-2018-20784)
    
    * kernel: a NULL pointer dereference in drivers/scsi/megaraid/
    megaraid_sas_base.c leading to DoS (CVE-2019-11810)
    
    * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c,
    ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)
    
    For more details about the security issue(s), including the impact, a
    CVSS score, acknowledgments, and other related information, refer to
    the CVE page(s) listed in the References section.
    
    Bug Fix(es) :
    
    * kernel-rt: update to the RHEL8.0.z batch#2 source tree (BZ#1717516)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2019:1971"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2018-20784"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-11085"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-11810"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-11811"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-core");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-core");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-modules-extra");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:kernel-rt-modules-extra");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:8");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/02/22");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    include("ksplice.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 8.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    if ("x86_64" >!< cpu) audit(AUDIT_ARCH_NOT, "x86_64", cpu);
    
    if (get_one_kb_item("Host/ksplice/kernel-cves"))
    {
      rm_kb_item(name:"Host/uptrack-uname-r");
      cve_list = make_list("CVE-2018-20784", "CVE-2019-11085", "CVE-2019-11810", "CVE-2019-11811");
      if (ksplice_cves_check(cve_list))
      {
        audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for RHSA-2019:1971");
      }
      else
      {
        __rpm_report = ksplice_reporting_text();
      }
    }
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2019:1971";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-core-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-core-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-debuginfo-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-devel-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-kvm-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-kvm-debuginfo-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-modules-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debug-modules-extra-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debuginfo-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-debuginfo-common-x86_64-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-devel-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-kvm-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-kvm-debuginfo-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-modules-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
      if (rpm_check(release:"RHEL8", cpu:"x86_64", reference:"kernel-rt-modules-extra-4.18.0-80.7.1.rt9.153.el8_0")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kernel-rt / kernel-rt-core / kernel-rt-debug / kernel-rt-debug-core / etc");
      }
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1635.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.Security Fix(es):An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.(CVE-2018-20836)The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.(CVE-2019-11190)The Siemens R3964 line discipline driver in drivers/tty_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.(CVE-2019-11486)The Linux kernel before 5.1-rc5 allows page-i1/4z_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.(CVE-2019-11487)The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c.(CVE-2019-11599)A n issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.(CVE-2019-11810)In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343.(CVE-2018-7191)net/ipv6etfilterf_conntrac k_reasm.c in the Linux kernel before 2.6.34, when the nf_conntrack_ipv6 module is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via certain types of fragmented IPv6 packets.(CVE-2012-2744)Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem.(CVE-2012-3400)The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive.(CVE-2013-2164)The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013.(CVE-2013-6282)The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.(CVE-2013-2206)A elevation of privilege vulnerability in the Broadcom wi-fi driver. Product: Android. Versions: Android kernel. Android ID: A-37351060. References: B-V2017060101.(CVE-2017-0786)An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.(CVE-2019-11811)Not e1: kernel-4.19.36-vhulk1907.1.0.h529 and earlier versions in EulerOS Virtualization for ARM 64 3.0.2.0 return incorrect time information when executing the uname -a command.Note2: The kernel version number naming format has been changed after 4.19.36-1.2.184.aarch64, the new version format is 4.19.36-vhulk1907.1.0.hxxx.aarch64, which may lead to false positives of this security advisory. Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-13
    modified2019-05-30
    plugin id125587
    published2019-05-30
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125587
    titleEulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2019-1635)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190729_KERNEL_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) - kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) - kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) - kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811)
    last seen2020-03-18
    modified2019-08-12
    plugin id127726
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127726
    titleScientific Linux Security Update : kernel on SL7.x x86_64 (20190729)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1873.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) and Enhancement(s) : These updated kernel packages include also numerous bug fixes and add several enhancements. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https:// access.redhat.com/articles/4309211
    last seen2020-06-01
    modified2020-06-02
    plugin id127618
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127618
    titleRHEL 7 : kernel (RHSA-2019:1873)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1891.NASL
    descriptionAn update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * kernel-rt: update to the RHEL7.6.z batch#6 source tree (BZ#1718400)
    last seen2020-06-01
    modified2020-06-02
    plugin id127623
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127623
    titleRHEL 7 : kernel-rt (RHSA-2019:1891)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-1873.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) and Enhancement(s) : These updated kernel packages include also numerous bug fixes and add several enhancements. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https:// access.redhat.com/articles/4309211
    last seen2020-05-08
    modified2019-08-12
    plugin id127469
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127469
    titleCentOS 7 : kernel (CESA-2019:1873)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-4058.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900) * Kernel: page cache side channel attacks (CVE-2019-5489) * Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer (CVE-2019-7221) * kernel: Handling of might_cancel queueing is not properly pretected against race (CVE-2017-10661) * kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service (CVE-2017-18208) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ# 1748234) * kmem, memcg: system crash due to cache destruction race (BZ#1754829) * kernel build: parallelize redhat/mod-sign.sh (BZ#1755327) * kernel build: speed up module compression step (BZ#1755336)
    last seen2020-06-01
    modified2020-06-02
    plugin id131675
    published2019-12-04
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131675
    titleRHEL 7 : kernel (RHSA-2019:4058)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-1550-1.NASL
    descriptionThe SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-12819: The function __mdiobus_register() called put_device(), which triggered a fixed_mdio_bus_init use-after-free. This would cause a denial of service. (bsc#1138291) CVE-2019-12818: The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This used to affect nfc_llcp_build_gb in net/nfc/llcp_core.c. (bsc#1138293) CVE-2019-11477: A sequence of SACKs may have been crafted such that one can trigger an integer overflow, leading to a kernel panic. CVE-2019-11478: It was possible to send a crafted sequence of SACKs which will fragment the TCP retransmission queue. An attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. CVE-2019-11479: An attacker could force the Linux kernel to segment its responses into multiple TCP segments. This would drastically increased the bandwidth required to deliver the same amount of data. Further, it would consume additional resources such as CPU and NIC processing power. CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. (bsc#1136424) CVE-2019-10124: An issue was discovered in the hwpoison implementation in mm/memory-failure.c in the Linux kernel. When soft_offline_in_use_page() runs on a thp tail page after pmd is split, an attacker could cause a denial of service (bsc#1130699, CVE-2019-10124). CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). (bsc#1136586) CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It could occur with FUSE requests. (bbsc#1133190) CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bsc#1120843) CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. (bsc#1135281) CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here : https://www.intel.com/content/dam/www/public/us/en/documents/corporate -info rmation/SA00233-microcode-update-guidance_05132019. (bsc##1111331) CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bsc#1135603) CVE-2018-12126 CVE-2018-12127 CVE-2018-12130: Microarchitectural Store Buffer Data Sampling (MSBDS): Stored buffers on some microprocessors utilizing speculative execution which may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here : https://www.intel.com/content/dam/www/public/us/en/documents/corporate -info rmation/SA00233-microcode-update-guidance_05132019. (bsc#1103186) CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access. (bsc#1135278) CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel There was a race condition leading to a use-after-free, related to net namespace cleanup. (bsc#1135278) CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a hidPCONNADD command, because a name field may not end with a
    last seen2020-05-12
    modified2019-06-19
    plugin id126045
    published2019-06-19
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126045
    titleSUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:1550-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (SACK Panic) (SACK Slowness) (Spectre)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1479.NASL
    descriptionThe openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-7191: In the tun subsystem dev_get_valid_name xwas not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. This is similar to CVE-2013-4343 (bnc#1135603). - CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux may have allowed an authenticated user to potentially enable escalation of privilege via local access (bnc#1135278). - CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel had multiple race conditions (bnc#1133188). It was disabled by default. - CVE-2019-11811: There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c (bnc#1134397). - CVE-2019-11815: An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c kernel. There is a race condition leading to a use-after-free, related to net namespace cleanup (bnc#1134537). - CVE-2019-11833: fs/ext4/extents.c did not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem (bnc#1135281). - CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c allowed a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a
    last seen2020-06-01
    modified2020-06-02
    plugin id125667
    published2019-06-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125667
    titleopenSUSE Security Update : the Linux Kernel (openSUSE-2019-1479)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-3_0-0009_LINUX.NASL
    descriptionAn update of the linux package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id126378
    published2019-07-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126378
    titlePhoton OS 3.0: Linux PHSA-2019-3.0-0009
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2020-1186.NASL
    descriptionAccording to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.Security Fix(es):Heap-based buffer overflow in the udf_load_logicalvol function in fs/udf/super.c in the Linux kernel before 3.4.5 allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via a crafted UDF filesystem.(CVE-2012-3400)The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive.(CVE-2013-2164)The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel before 3.8.5 does not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic.(CVE-2013-2206)The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013.(CVE-2013-6282)An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.(CVE-2018-20836)The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.(CVE-2019-11486)The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests.(CVE-2019-11487)The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c.(CVE-2019-11599)A n issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of Service, related to a use-after-free.(CVE-2019-11810)An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.(CVE-2019-11811)A flaw was found in the Linux kernel
    last seen2020-05-03
    modified2020-03-11
    plugin id134387
    published2020-03-11
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/134387
    titleEulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1186)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-1873.NASL
    descriptionFrom Red Hat Security Advisory 2019:1873 : An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: nfs: use-after-free in svc_process_common() (CVE-2018-16884) * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: nfs: NULL pointer dereference due to an anomalized NFS message sequence (CVE-2018-16871) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) and Enhancement(s) : These updated kernel packages include also numerous bug fixes and add several enhancements. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https:// access.redhat.com/articles/4309211
    last seen2020-06-01
    modified2020-06-02
    plugin id127603
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127603
    titleOracle Linux 7 : kernel (ELSA-2019-1873)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-0036.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation (CVE-2017-0861) * kernel: Handling of might_cancel queueing is not properly pretected against race (CVE-2017-10661) * kernel: kvm: guest userspace to guest kernel write (CVE-2018-10853) * kernel: TLB flush happens too late on mremap (CVE-2018-18281) * kernel: a NULL pointer dereference in drivers/scsi/megaraid/ megaraid_sas_base.c leading to DoS (CVE-2019-11810) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * Hard lockup in free_one_page()->_raw_spin_lock() because sosreport command is reading from /proc/pagetypeinfo (BZ#1770730)
    last seen2020-06-01
    modified2020-06-02
    plugin id132700
    published2020-01-08
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132700
    titleRHEL 7 : kernel (RHSA-2020:0036)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0180_KERNEL.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest. (CVE-2018-10853) - A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel- memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients. (CVE-2018-14625) - drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). (CVE-2018-14734) - arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. (CVE-2018-15594) - A flaw was found in the Linux kernel
    last seen2020-05-08
    modified2019-10-15
    plugin id129900
    published2019-10-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129900
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0180)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0253_KERNEL-RT.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel-rt packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel
    last seen2020-05-08
    modified2019-12-31
    plugin id132495
    published2019-12-31
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132495
    titleNewStart CGSL CORE 5.05 / MAIN 5.05 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0253)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-2430-1.NASL
    descriptionThe SUSE Linux Enterprise 15 SP1 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-12126 CVE-2018-12127 CVE-2018-12130: Microarchitectural Store Buffer Data Sampling (MSBDS): Stored buffers on some microprocessors utilizing speculative execution which may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here : https://www.intel.com/content/dam/www/public/us/en/documents/corporate -info rmation/SA00233-microcode-update-guidance_05132019. (bsc#1103186)CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may have allowed an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here : https://www.intel.com/content/dam/www/public/us/en/documents/corporate -info rmation/SA00233-microcode-update-guidance_05132019. (bsc#1111331)CVE-2019-12382: An issue was discovered in drm_load_edid_firmware in drivers/gpu/drm/drm_edid_load.c in the Linux kernel There was an unchecked kstrdup of fwstr, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). (bsc#1136586) CVE-2019-10124: An issue was discovered in the hwpoison implementation in mm/memory-failure.c in the Linux kernel. When soft_offline_in_use_page() runs on a thp tail page after pmd is split, an attacker could cause a denial of service (bsc#1130699). CVE-2019-11486: The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel has multiple race conditions. (bsc#1133188) CVE-2019-11811: An issue was discovered in the Linux kernel There was a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module was removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c. (bsc#1134397) CVE-2019-11487: The Linux kernel allowed page reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It could occur with FUSE requests. (bsc#1133190) CVE-2019-12818: The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This used to affect nfc_llcp_build_gb in net/nfc/llcp_core.c. (bsc#1138293) CVE-2019-11833: fs/ext4/extents.c in the Linux kernel did not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. (bsc#1135281) CVE-2019-5489: The mincore() implementation in mm/mincore.c in the Linux kernel allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server. (bsc#1120843) CVE-2018-7191: In the tun subsystem in the Linux kernel, dev_get_valid_name was not called before register_netdevice. This allowed local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev name containing a / character. (bsc#1135603) CVE-2019-11884: The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel allowed a local user to obtain potentially sensitive information from kernel stack memory via a hidPCONNADD command, because a name field may not end with a
    last seen2020-05-12
    modified2019-09-24
    plugin id129284
    published2019-09-24
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129284
    titleSUSE SLED15 / SLES15 Security Update : kernel-source-rt (SUSE-SU-2019:2430-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout) (SACK Panic) (SACK Slowness) (Spectre)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-4057.NASL
    descriptionAn update for kernel-rt is now available for Red Hat Enterprise MRG 2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es) : * Kernel: page cache side channel attacks (CVE-2019-5489) * kernel: Handling of might_cancel queueing is not properly pretected against race (CVE-2017-10661) * kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service (CVE-2017-18208) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1765670) * [MRG/R] pip_stress hangs when a priority inversion occurs (BZ#1772562)
    last seen2020-06-01
    modified2020-06-02
    plugin id131719
    published2019-12-05
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/131719
    titleRHEL 6 : MRG (RHSA-2019:4057)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-1959.NASL
    descriptionFrom Red Hat Security Advisory 2019:1959 : An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: DMA attack using peripheral devices (Thunderclap) (BZ#1690716) * kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c leading to denial of service (CVE-2018-20784) * kernel: a NULL pointer dereference in drivers/scsi/megaraid/ megaraid_sas_base.c leading to DoS (CVE-2019-11810) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * [DELL 8.0 z-stream BUG] -
    last seen2020-06-01
    modified2020-06-02
    plugin id127976
    published2019-08-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127976
    titleOracle Linux 8 : kernel (ELSA-2019-1959)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1959.NASL
    descriptionAn update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es) : * kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation (CVE-2019-11085) * kernel: DMA attack using peripheral devices (Thunderclap) (BZ#1690716) * kernel: infinite loop in update_blocked_averages() in kernel/sched/fair.c leading to denial of service (CVE-2018-20784) * kernel: a NULL pointer dereference in drivers/scsi/megaraid/ megaraid_sas_base.c leading to DoS (CVE-2019-11810) * kernel: use-after-free in drivers/char/ipmi/ipmi_si_intf.c, ipmi_si_mem_io.c, ipmi_si_port_io.c (CVE-2019-11811) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es) : * [DELL 8.0 z-stream BUG] -
    last seen2020-06-01
    modified2020-06-02
    plugin id127637
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127637
    titleRHEL 8 : kernel (RHSA-2019:1959)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0183_KERNEL-RT.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel-rt packages installed that are affected by multiple vulnerabilities: - A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest. (CVE-2018-10853) - A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel- memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients. (CVE-2018-14625) - drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). (CVE-2018-14734) - arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests. (CVE-2018-15594) - A flaw was found in the Linux kernel
    last seen2020-05-08
    modified2019-10-15
    plugin id129920
    published2019-10-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/129920
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : kernel-rt Multiple Vulnerabilities (NS-SA-2019-0183)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0247_KERNEL.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel
    last seen2020-05-08
    modified2019-12-31
    plugin id132474
    published2019-12-31
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/132474
    titleNewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2019-0247)

Redhat

advisories
  • bugzilla
    id1710405
    titleCVE-2019-11085 kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • commentkernel earlier than 0:3.10.0-957.27.2.el7 is currently running
          ovaloval:com.redhat.rhsa:tst:20191873033
        • commentkernel earlier than 0:3.10.0-957.27.2.el7 is set to boot up on next boot
          ovaloval:com.redhat.rhsa:tst:20191873034
      • OR
        • AND
          • commentkernel-tools-libs-devel is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873001
          • commentkernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678022
        • AND
          • commentkernel-doc is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873003
          • commentkernel-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842002
        • AND
          • commentkernel-abi-whitelists is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873005
          • commentkernel-abi-whitelists is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20131645022
        • AND
          • commentkernel is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873007
          • commentkernel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842012
        • AND
          • commentbpftool is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873009
          • commentbpftool is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20183083026
        • AND
          • commentkernel-headers is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873011
          • commentkernel-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842010
        • AND
          • commentkernel-tools-libs is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873013
          • commentkernel-tools-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678016
        • AND
          • commentkernel-debug-devel is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873015
          • commentkernel-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842008
        • AND
          • commentkernel-tools is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873017
          • commentkernel-tools is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678012
        • AND
          • commentkernel-debug is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873019
          • commentkernel-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842014
        • AND
          • commentpython-perf is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873021
          • commentpython-perf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111530024
        • AND
          • commentperf is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873023
          • commentperf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842006
        • AND
          • commentkernel-devel is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873025
          • commentkernel-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842016
        • AND
          • commentkernel-bootwrapper is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873027
          • commentkernel-bootwrapper is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842018
        • AND
          • commentkernel-kdump-devel is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873029
          • commentkernel-kdump-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842022
        • AND
          • commentkernel-kdump is earlier than 0:3.10.0-957.27.2.el7
            ovaloval:com.redhat.rhsa:tst:20191873031
          • commentkernel-kdump is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842020
    rhsa
    idRHSA-2019:1873
    released2019-07-29
    severityImportant
    titleRHSA-2019:1873: kernel security, bug fix, and enhancement update (Important)
  • bugzilla
    id1718400
    titlekernel-rt: update to the RHEL7.6.z batch#6 source tree
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentkernel-rt-doc is earlier than 0:3.10.0-957.27.2.rt56.940.el7
            ovaloval:com.redhat.rhsa:tst:20191891001
          • commentkernel-rt-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727002
        • AND
          • commentkernel-rt-debug is earlier than 0:3.10.0-957.27.2.rt56.940.el7
            ovaloval:com.redhat.rhsa:tst:20191891003
          • commentkernel-rt-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727014
        • AND
          • commentkernel-rt-trace is earlier than 0:3.10.0-957.27.2.rt56.940.el7
            ovaloval:com.redhat.rhsa:tst:20191891005
          • commentkernel-rt-trace is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727008
        • AND
          • commentkernel-rt-debug-devel is earlier than 0:3.10.0-957.27.2.rt56.940.el7
            ovaloval:com.redhat.rhsa:tst:20191891007
          • commentkernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727010
        • AND
          • commentkernel-rt is earlier than 0:3.10.0-957.27.2.rt56.940.el7
            ovaloval:com.redhat.rhsa:tst:20191891009
          • commentkernel-rt is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727006
        • AND
          • commentkernel-rt-devel is earlier than 0:3.10.0-957.27.2.rt56.940.el7
            ovaloval:com.redhat.rhsa:tst:20191891011
          • commentkernel-rt-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727012
        • AND
          • commentkernel-rt-trace-devel is earlier than 0:3.10.0-957.27.2.rt56.940.el7
            ovaloval:com.redhat.rhsa:tst:20191891013
          • commentkernel-rt-trace-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727004
        • AND
          • commentkernel-rt-debug-kvm is earlier than 0:3.10.0-957.27.2.rt56.940.el7
            ovaloval:com.redhat.rhsa:tst:20191891015
          • commentkernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212020
        • AND
          • commentkernel-rt-trace-kvm is earlier than 0:3.10.0-957.27.2.rt56.940.el7
            ovaloval:com.redhat.rhsa:tst:20191891017
          • commentkernel-rt-trace-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212016
        • AND
          • commentkernel-rt-kvm is earlier than 0:3.10.0-957.27.2.rt56.940.el7
            ovaloval:com.redhat.rhsa:tst:20191891019
          • commentkernel-rt-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212018
    rhsa
    idRHSA-2019:1891
    released2019-07-29
    severityImportant
    titleRHSA-2019:1891: kernel-rt security and bug fix update (Important)
  • bugzilla
    id1710405
    titleCVE-2019-11085 kernel: insufficient input validation in kernel mode driver in Intel i915 graphics leads to privilege escalation
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • OR
        • commentkernel earlier than 0:4.18.0-80.7.1.el8_0 is currently running
          ovaloval:com.redhat.rhsa:tst:20191959051
        • commentkernel earlier than 0:4.18.0-80.7.1.el8_0 is set to boot up on next boot
          ovaloval:com.redhat.rhsa:tst:20191959052
      • OR
        • AND
          • commentkernel-doc is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959001
          • commentkernel-doc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842002
        • AND
          • commentkernel-abi-whitelists is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959003
          • commentkernel-abi-whitelists is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20131645022
        • AND
          • commentpython3-perf is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959005
          • commentpython3-perf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167024
        • AND
          • commentkernel-tools is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959007
          • commentkernel-tools is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678012
        • AND
          • commentkernel-devel is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959009
          • commentkernel-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842016
        • AND
          • commentkernel-headers is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959011
          • commentkernel-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842010
        • AND
          • commentkernel-tools-libs is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959013
          • commentkernel-tools-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678016
        • AND
          • commentkernel-modules is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959015
          • commentkernel-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167044
        • AND
          • commentkernel-debug-modules-extra is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959017
          • commentkernel-debug-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167010
        • AND
          • commentbpftool is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959019
          • commentbpftool is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20183083026
        • AND
          • commentperf is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959021
          • commentperf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842006
        • AND
          • commentkernel is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959023
          • commentkernel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842012
        • AND
          • commentkernel-cross-headers is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959025
          • commentkernel-cross-headers is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167046
        • AND
          • commentkernel-modules-extra is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959027
          • commentkernel-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167016
        • AND
          • commentkernel-debug-modules is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959029
          • commentkernel-debug-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167018
        • AND
          • commentkernel-core is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959031
          • commentkernel-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167036
        • AND
          • commentkernel-debug is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959033
          • commentkernel-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842014
        • AND
          • commentkernel-debug-devel is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959035
          • commentkernel-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20100842008
        • AND
          • commentkernel-debug-core is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959037
          • commentkernel-debug-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167026
        • AND
          • commentkernel-zfcpdump-devel is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959039
          • commentkernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167038
        • AND
          • commentkernel-zfcpdump-modules-extra is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959041
          • commentkernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167014
        • AND
          • commentkernel-zfcpdump-core is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959043
          • commentkernel-zfcpdump-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167006
        • AND
          • commentkernel-zfcpdump-modules is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959045
          • commentkernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167020
        • AND
          • commentkernel-zfcpdump is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959047
          • commentkernel-zfcpdump is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191167008
        • AND
          • commentkernel-tools-libs-devel is earlier than 0:4.18.0-80.7.1.el8_0
            ovaloval:com.redhat.rhsa:tst:20191959049
          • commentkernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140678022
    rhsa
    idRHSA-2019:1959
    released2019-07-30
    severityImportant
    titleRHSA-2019:1959: kernel security, bug fix, and enhancement update (Important)
  • bugzilla
    id1717516
    titlekernel-rt: update to the RHEL8.0.z batch#2 source tree
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • OR
        • AND
          • commentkernel-rt-debug-modules-extra is earlier than 0:4.18.0-80.7.1.rt9.153.el8_0
            ovaloval:com.redhat.rhsa:tst:20191971001
          • commentkernel-rt-debug-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174016
        • AND
          • commentkernel-rt is earlier than 0:4.18.0-80.7.1.rt9.153.el8_0
            ovaloval:com.redhat.rhsa:tst:20191971003
          • commentkernel-rt is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727006
        • AND
          • commentkernel-rt-debug-devel is earlier than 0:4.18.0-80.7.1.rt9.153.el8_0
            ovaloval:com.redhat.rhsa:tst:20191971005
          • commentkernel-rt-debug-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727010
        • AND
          • commentkernel-rt-modules-extra is earlier than 0:4.18.0-80.7.1.rt9.153.el8_0
            ovaloval:com.redhat.rhsa:tst:20191971007
          • commentkernel-rt-modules-extra is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174008
        • AND
          • commentkernel-rt-debug-modules is earlier than 0:4.18.0-80.7.1.rt9.153.el8_0
            ovaloval:com.redhat.rhsa:tst:20191971009
          • commentkernel-rt-debug-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174010
        • AND
          • commentkernel-rt-debug-kvm is earlier than 0:4.18.0-80.7.1.rt9.153.el8_0
            ovaloval:com.redhat.rhsa:tst:20191971011
          • commentkernel-rt-debug-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212020
        • AND
          • commentkernel-rt-core is earlier than 0:4.18.0-80.7.1.rt9.153.el8_0
            ovaloval:com.redhat.rhsa:tst:20191971013
          • commentkernel-rt-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174006
        • AND
          • commentkernel-rt-devel is earlier than 0:4.18.0-80.7.1.rt9.153.el8_0
            ovaloval:com.redhat.rhsa:tst:20191971015
          • commentkernel-rt-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727012
        • AND
          • commentkernel-rt-kvm is earlier than 0:4.18.0-80.7.1.rt9.153.el8_0
            ovaloval:com.redhat.rhsa:tst:20191971017
          • commentkernel-rt-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20160212018
        • AND
          • commentkernel-rt-modules is earlier than 0:4.18.0-80.7.1.rt9.153.el8_0
            ovaloval:com.redhat.rhsa:tst:20191971019
          • commentkernel-rt-modules is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174020
        • AND
          • commentkernel-rt-debug-core is earlier than 0:4.18.0-80.7.1.rt9.153.el8_0
            ovaloval:com.redhat.rhsa:tst:20191971021
          • commentkernel-rt-debug-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191174022
        • AND
          • commentkernel-rt-debug is earlier than 0:4.18.0-80.7.1.rt9.153.el8_0
            ovaloval:com.redhat.rhsa:tst:20191971023
          • commentkernel-rt-debug is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150727014
    rhsa
    idRHSA-2019:1971
    released2019-07-30
    severityImportant
    titleRHSA-2019:1971: kernel-rt security and bug fix update (Important)
  • rhsa
    idRHSA-2019:4057
  • rhsa
    idRHSA-2019:4058
  • rhsa
    idRHSA-2020:0036
rpms
  • bpftool-0:3.10.0-957.27.2.el7
  • kernel-0:3.10.0-957.27.2.el7
  • kernel-abi-whitelists-0:3.10.0-957.27.2.el7
  • kernel-bootwrapper-0:3.10.0-957.27.2.el7
  • kernel-debug-0:3.10.0-957.27.2.el7
  • kernel-debug-debuginfo-0:3.10.0-957.27.2.el7
  • kernel-debug-devel-0:3.10.0-957.27.2.el7
  • kernel-debuginfo-0:3.10.0-957.27.2.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-957.27.2.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-957.27.2.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-957.27.2.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-957.27.2.el7
  • kernel-devel-0:3.10.0-957.27.2.el7
  • kernel-doc-0:3.10.0-957.27.2.el7
  • kernel-headers-0:3.10.0-957.27.2.el7
  • kernel-kdump-0:3.10.0-957.27.2.el7
  • kernel-kdump-debuginfo-0:3.10.0-957.27.2.el7
  • kernel-kdump-devel-0:3.10.0-957.27.2.el7
  • kernel-tools-0:3.10.0-957.27.2.el7
  • kernel-tools-debuginfo-0:3.10.0-957.27.2.el7
  • kernel-tools-libs-0:3.10.0-957.27.2.el7
  • kernel-tools-libs-devel-0:3.10.0-957.27.2.el7
  • perf-0:3.10.0-957.27.2.el7
  • perf-debuginfo-0:3.10.0-957.27.2.el7
  • python-perf-0:3.10.0-957.27.2.el7
  • python-perf-debuginfo-0:3.10.0-957.27.2.el7
  • kernel-rt-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debug-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debug-debuginfo-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debug-devel-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debug-kvm-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debug-kvm-debuginfo-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debuginfo-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-debuginfo-common-x86_64-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-devel-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-doc-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-kvm-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-kvm-debuginfo-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-trace-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-trace-debuginfo-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-trace-devel-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-trace-kvm-0:3.10.0-957.27.2.rt56.940.el7
  • kernel-rt-trace-kvm-debuginfo-0:3.10.0-957.27.2.rt56.940.el7
  • bpftool-0:4.18.0-80.7.1.el8_0
  • bpftool-debuginfo-0:4.18.0-80.7.1.el8_0
  • kernel-0:4.18.0-80.7.1.el8_0
  • kernel-abi-whitelists-0:4.18.0-80.7.1.el8_0
  • kernel-core-0:4.18.0-80.7.1.el8_0
  • kernel-cross-headers-0:4.18.0-80.7.1.el8_0
  • kernel-debug-0:4.18.0-80.7.1.el8_0
  • kernel-debug-core-0:4.18.0-80.7.1.el8_0
  • kernel-debug-debuginfo-0:4.18.0-80.7.1.el8_0
  • kernel-debug-devel-0:4.18.0-80.7.1.el8_0
  • kernel-debug-modules-0:4.18.0-80.7.1.el8_0
  • kernel-debug-modules-extra-0:4.18.0-80.7.1.el8_0
  • kernel-debuginfo-0:4.18.0-80.7.1.el8_0
  • kernel-debuginfo-common-aarch64-0:4.18.0-80.7.1.el8_0
  • kernel-debuginfo-common-ppc64le-0:4.18.0-80.7.1.el8_0
  • kernel-debuginfo-common-s390x-0:4.18.0-80.7.1.el8_0
  • kernel-debuginfo-common-x86_64-0:4.18.0-80.7.1.el8_0
  • kernel-devel-0:4.18.0-80.7.1.el8_0
  • kernel-doc-0:4.18.0-80.7.1.el8_0
  • kernel-headers-0:4.18.0-80.7.1.el8_0
  • kernel-modules-0:4.18.0-80.7.1.el8_0
  • kernel-modules-extra-0:4.18.0-80.7.1.el8_0
  • kernel-tools-0:4.18.0-80.7.1.el8_0
  • kernel-tools-debuginfo-0:4.18.0-80.7.1.el8_0
  • kernel-tools-libs-0:4.18.0-80.7.1.el8_0
  • kernel-tools-libs-devel-0:4.18.0-80.7.1.el8_0
  • kernel-zfcpdump-0:4.18.0-80.7.1.el8_0
  • kernel-zfcpdump-core-0:4.18.0-80.7.1.el8_0
  • kernel-zfcpdump-debuginfo-0:4.18.0-80.7.1.el8_0
  • kernel-zfcpdump-devel-0:4.18.0-80.7.1.el8_0
  • kernel-zfcpdump-modules-0:4.18.0-80.7.1.el8_0
  • kernel-zfcpdump-modules-extra-0:4.18.0-80.7.1.el8_0
  • perf-0:4.18.0-80.7.1.el8_0
  • perf-debuginfo-0:4.18.0-80.7.1.el8_0
  • python3-perf-0:4.18.0-80.7.1.el8_0
  • python3-perf-debuginfo-0:4.18.0-80.7.1.el8_0
  • kernel-rt-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-core-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-debug-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-debug-core-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-debug-debuginfo-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-debug-devel-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-debug-kvm-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-debug-kvm-debuginfo-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-debug-modules-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-debug-modules-extra-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-debuginfo-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-debuginfo-common-x86_64-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-devel-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-kvm-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-kvm-debuginfo-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-modules-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-modules-extra-0:4.18.0-80.7.1.rt9.153.el8_0
  • kernel-rt-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-debug-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-debug-debuginfo-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-debug-devel-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-debuginfo-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-debuginfo-common-x86_64-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-devel-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-doc-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-firmware-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-trace-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-trace-debuginfo-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-trace-devel-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-vanilla-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-vanilla-debuginfo-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-rt-vanilla-devel-1:3.10.0-693.61.1.rt56.656.el6rt
  • kernel-0:3.10.0-693.61.1.el7
  • kernel-abi-whitelists-0:3.10.0-693.61.1.el7
  • kernel-bootwrapper-0:3.10.0-693.61.1.el7
  • kernel-debug-0:3.10.0-693.61.1.el7
  • kernel-debug-debuginfo-0:3.10.0-693.61.1.el7
  • kernel-debug-devel-0:3.10.0-693.61.1.el7
  • kernel-debuginfo-0:3.10.0-693.61.1.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-693.61.1.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-693.61.1.el7
  • kernel-devel-0:3.10.0-693.61.1.el7
  • kernel-doc-0:3.10.0-693.61.1.el7
  • kernel-headers-0:3.10.0-693.61.1.el7
  • kernel-tools-0:3.10.0-693.61.1.el7
  • kernel-tools-debuginfo-0:3.10.0-693.61.1.el7
  • kernel-tools-libs-0:3.10.0-693.61.1.el7
  • kernel-tools-libs-devel-0:3.10.0-693.61.1.el7
  • perf-0:3.10.0-693.61.1.el7
  • perf-debuginfo-0:3.10.0-693.61.1.el7
  • python-perf-0:3.10.0-693.61.1.el7
  • python-perf-debuginfo-0:3.10.0-693.61.1.el7
  • kernel-0:3.10.0-862.46.1.el7
  • kernel-abi-whitelists-0:3.10.0-862.46.1.el7
  • kernel-bootwrapper-0:3.10.0-862.46.1.el7
  • kernel-debug-0:3.10.0-862.46.1.el7
  • kernel-debug-debuginfo-0:3.10.0-862.46.1.el7
  • kernel-debug-devel-0:3.10.0-862.46.1.el7
  • kernel-debuginfo-0:3.10.0-862.46.1.el7
  • kernel-debuginfo-common-ppc64-0:3.10.0-862.46.1.el7
  • kernel-debuginfo-common-ppc64le-0:3.10.0-862.46.1.el7
  • kernel-debuginfo-common-s390x-0:3.10.0-862.46.1.el7
  • kernel-debuginfo-common-x86_64-0:3.10.0-862.46.1.el7
  • kernel-devel-0:3.10.0-862.46.1.el7
  • kernel-doc-0:3.10.0-862.46.1.el7
  • kernel-headers-0:3.10.0-862.46.1.el7
  • kernel-kdump-0:3.10.0-862.46.1.el7
  • kernel-kdump-debuginfo-0:3.10.0-862.46.1.el7
  • kernel-kdump-devel-0:3.10.0-862.46.1.el7
  • kernel-tools-0:3.10.0-862.46.1.el7
  • kernel-tools-debuginfo-0:3.10.0-862.46.1.el7
  • kernel-tools-libs-0:3.10.0-862.46.1.el7
  • kernel-tools-libs-devel-0:3.10.0-862.46.1.el7
  • perf-0:3.10.0-862.46.1.el7
  • perf-debuginfo-0:3.10.0-862.46.1.el7
  • python-perf-0:3.10.0-862.46.1.el7
  • python-perf-debuginfo-0:3.10.0-862.46.1.el7

References