Details of VAR-201908-1958

ID

VAR-201908-1958

CVE

CVE-2019-9506

TITLE

Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks

Trust: 0.8

sources: CERT/CC: VU#918987

DESCRIPTION

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. Once the entropy is reduced, the attacker can brute-force the encryption key and use it to decrypt communications. Bluetooth BR/EDR is a Bluetooth BR/EDR (Basic Rate/Enhanced Data Rate) standard. An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. A weakness in the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) protocol core specification exposes a vulnerability that could allow for an unauthenticated, adjacent malicious user to perform a man-in-the-middle attack on an encrypted Bluetooth connection. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. The issue could allow the malicious user to reduce the entropy of the negotiated session key that is used to secure a Bluetooth connection between a paired device and a host device. An attacker who can successfully inject a malicious message into a Bluetooth connection during session negotiation or renegotiation could cause the strength of the session key to be susceptible to brute force attack. This advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability. This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth. 7.5) - ppc64, ppc64le, x86_64 3. Bug Fix(es): * TCP packets are segmented when sent to the VLAN device when coming from VXLAN dev. (BZ#1732810) * skb head copy occurs when sending traffic over OVS managed VXLAN tunnel (BZ#1733896) * [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734306) * use "make -jN" for modules_install (BZ#1735082) * Backport TCP follow-up for small buffers (BZ#1739128) * [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740176) * RHEL7.6 - powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas: Fix a potential race between CPU-Offline & Migration (LPM) (BZ#1745437) * RHEL7.6 - powerpc/pseries: Fix unitialized timer reset on migration / powerpc/pseries/mobility: Extend start/stop topology update scope (LPM) (BZ#1745439) * RHEL7.5 - ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745447) 4. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bugs fixed (https://bugzilla.redhat.com/): 1656986 - CVE-2018-19854 kernel: Information Disclosure in crypto_report_one in crypto/crypto_user.c 1660375 - CVE-2018-16884 kernel: nfs: use-after-free in svc_process_common() 1660385 - CVE-2018-20169 kernel: usb: missing size check in the __usb_get_extra_descriptor() leading to DoS 1663176 - CVE-2019-3459 kernel: Heap address information leak while using L2CAP_GET_CONF_OPT 1663179 - CVE-2019-3460 kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP 1664110 - CVE-2019-5489 Kernel: page cache side channel attacks 1666106 - CVE-2018-19985 kernel: oob memory read in hso_probe in drivers/net/usb/hso.c 1671930 - CVE-2019-7222 Kernel: KVM: leak of uninitialized stack contents to guest 1678887 - RT: update RT source tree to the RHEL-8.1 tree 1686373 - CVE-2019-3874 kernel: SCTP socket buffer memory leak leading to denial of service 1689426 - CVE-2019-3882 kernel: denial of service vector through vfio DMA mappings 1698757 - CVE-2019-3900 Kernel: vhost_net: infinite loop while receiving packets leads to DoS 1700666 - Make kernel-rt require rt-setup 1705937 - CVE-2019-11599 kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping 1709837 - CVE-2019-11884 kernel: sensitive information disclosure from kernel stack memory via HIDPCONNADD command 1712072 - CVE-2019-11833 kernel: fs/ext4/extents.c leads to information disclosure 1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c 1724657 - BUG: scheduling while atomic in zswap 1727756 - CVE-2019-13233 kernel: use-after-free in arch/x86/lib/insn-eval.c 1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) 1728765 - BUG: scheduling while atomic: rcuc/13/134/0x00000002 1729931 - CVE-2019-10638 Kernel: net: weak IP ID generation leads to remote device tracking 1733472 - BUG: scheduling while atomic: rcuc/1/24/0x00000002 1733874 - CVE-2019-10207 kernel: null-pointer dereference in hci_uart_set_flow_control 1743931 - BUG: unable to handle kernel NULL pointer dereference at 0000000000000020 1745646 - [RT] sched/fair: Robustify CFS-bandwidth timer locking 1746708 - CVE-2019-14821 Kernel: KVM: OOB memory access via mmio ring buffer 1750813 - CVE-2019-15916 kernel: memory leak in register_queue_kobjects() in net/core/net-sysfs.c leads to denial of service 6. Bug Fix(es): * port show-kabi to python3 (BZ#1806924) 4. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2019:3055-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3055 Issue date: 2019-10-15 CVE Names: CVE-2018-20856 CVE-2019-3846 CVE-2019-9506 CVE-2019-10126 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Security Fix(es): * kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856) * kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846) * hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506) * kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fixes: * gfs2: Fix iomap write page reclaim deadlock (BZ#1737373) * [FJ7.6 Bug]: [REG] kernel: ipc: ipc_free should use kvfree (BZ#1740178) * high update_cfs_rq_blocked_load contention (BZ#1740180) * [Hyper-V][RHEL 7] kdump fails to start on a Hyper-V guest of Windows Server 2019. (BZ#1740188) * kvm: backport cpuidle-haltpoll driver (BZ#1740192) * Growing unreclaimable slab memory (BZ#1741920) * [bnx2x] ping failed from pf to vf which has been attached to vm (BZ#1741926) * [Hyper-V]vPCI devices cannot allocate IRQs vectors in a Hyper-V VM with > 240 vCPUs (i.e., when in x2APIC mode) (BZ#1743324) * Macsec: inbound MACSEC frame is unexpectedly dropped with InPktsNotValid (BZ#1744442) * RHEL 7.7 Beta - Hit error when trying to run nvme connect with IPv6 address (BZ#1744443) * RHEL 7.6 SS4 - Paths lost when running straight I/O on NVMe/RoCE system (BZ#1744444) * NFSv4.0 client sending a double CLOSE (leading to EIO application failure) (BZ#1744946) * [Azure] CRI-RDOS | [RHEL 7.8] Live migration only takes 10 seconds, but the VM was unavailable for 2 hours (BZ#1748239) * NFS client autodisconnect timer may fire immediately after TCP connection setup and may cause DoS type reconnect problem in complex network environments (BZ#1749290) * [Inspur] RHEL7.6 ASPEED graphic card display issue (BZ#1749296) * Allows macvlan to operated correctly over the active-backup mode to support bonding events. (BZ#1751579) * [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ#1752421) Users of kernel are advised to upgrade to these updated packages, which fix these bugs. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1713059 - CVE-2019-3846 kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c 1716992 - CVE-2019-10126 kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c 1727857 - CVE-2019-9506 hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) 1738705 - CVE-2018-20856 kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-1062.4.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.4.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm perf-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-1062.4.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.4.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm perf-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-1062.4.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm ppc64: bpftool-3.10.0-1062.4.1.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-3.10.0-1062.4.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debug-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.4.1.el7.ppc64.rpm kernel-devel-3.10.0-1062.4.1.el7.ppc64.rpm kernel-headers-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.ppc64.rpm perf-3.10.0-1062.4.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm python-perf-3.10.0-1062.4.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm ppc64le: bpftool-3.10.0-1062.4.1.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debug-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-devel-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-headers-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.ppc64le.rpm perf-3.10.0-1062.4.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm python-perf-3.10.0-1062.4.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm s390x: bpftool-3.10.0-1062.4.1.el7.s390x.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm kernel-3.10.0-1062.4.1.el7.s390x.rpm kernel-debug-3.10.0-1062.4.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.s390x.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1062.4.1.el7.s390x.rpm kernel-devel-3.10.0-1062.4.1.el7.s390x.rpm kernel-headers-3.10.0-1062.4.1.el7.s390x.rpm kernel-kdump-3.10.0-1062.4.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-1062.4.1.el7.s390x.rpm perf-3.10.0-1062.4.1.el7.s390x.rpm perf-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm python-perf-3.10.0-1062.4.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.s390x.rpm x86_64: bpftool-3.10.0-1062.4.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm perf-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64.rpm ppc64le: bpftool-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.ppc64le.rpm x86_64: bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-1062.4.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.1.el7.noarch.rpm kernel-doc-3.10.0-1062.4.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.4.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.1.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.1.el7.x86_64.rpm perf-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXaYG69zjgjWX9erEAQjA1Q/7Bte0lgWfI6xE9bw9FqrE7ZFw3Jq5bqV1 8PYYAZBFCLUHsC1HS33jiTGGaS5xbqR4yrtNCnZHLhsZU6w9avm0zDFW2CEzAwRC Uri5R30mCVtc2p3jsHupNKrKhzzkmKjz2J5gYn+ubX9Ok7ScxZZ8ucF9kJcSx7LL qswocd0lWkbjy/2MY0t6MCMnvoNvgOB1XEmQE5a9CHrHtKe9kEJcWJUht6vXqhZ4 SJYkMLDIsDYOXFsWBwZnKT0BVXNurS9+g7b7MX4ZaQATN5MD9x7jP7FYTIp8lhyJ NKOqa8/D5eFGKF3YlgySgqXZ22XT1MasENDJ7OS62lRQd+/eeznyK0CUOAtILLvH 1GTfXgz8nvMynX+ZKkiZv5+tEFCWFNKkHudYuzoirFa+p29l0YWW6SjfPN+c3NnE 9DLfZhqYuX2tcx3O8khxjS/okRh5mBFQvzXlWqyPmgqsbjP0L5R2YoPNMzzGB3OQ FA/QgjD8AD9Tn8+rZM+VeoWVYTwPT8OMv1wMEqOeJLIxR8/DiY42YEQiNBU2na4W AYajLwK6d3Ey+DV+/5YwjWWQOyyTxP9Q8F0xb61HdQmq1dILZJgFBmVR5ilxlpoJ sHiYCTKF/M8DbDGSWwZkD69ZPtBWPGvTI0XkgTIfhcTeF2BRL2UZkszrM72QjGqH OQh6hA3MyvA=zvD0 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. 7) - noarch, x86_64 3. Bug Fix(es): * kernel-rt: update to the RHEL7.7.z batch#2 source tree (BZ#1748570) 4. ========================================================================== Ubuntu Security Notice USN-4147-1 October 04, 2019 linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors - linux-gke-5.0: Linux kernel for Google Container Engine (GKE) systems - linux-hwe: Linux hardware enablement (HWE) kernel Details: It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136) It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207) It was discovered that the GTCO tablet input driver in the Linux kernel did not properly bounds check the initial HID report sent by the device. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-13631) It was discovered that an out-of-bounds read existed in the QLogic QEDI iSCSI Initiator Driver in the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-15090) Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel did not properly validate device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15117) Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel improperly performed recursion while handling device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15118) It was discovered that the Raremono AM/FM/SW radio device driver in the Linux kernel did not properly allocate memory, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2019-15211) It was discovered at a double-free error existed in the USB Rio 500 device driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service. (CVE-2019-15212) It was discovered that a race condition existed in the CPiA2 video4linux device driver for the Linux kernel, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15215) It was discovered that a race condition existed in the Softmac USB Prism54 device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15220) Benjamin Moody discovered that the XFS file system in the Linux kernel did not properly handle an error condition when out of disk quota. A local attacker could possibly use this to cause a denial of service. (CVE-2019-15538) It was discovered that the Hisilicon HNS3 ethernet device driver in the Linux kernel contained an out of bounds access vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2019-15925) It was discovered that the Atheros mobile chipset driver in the Linux kernel did not properly validate data in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2019-15926) Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. A physically proximate attacker could use this to expose sensitive information. (CVE-2019-9506) It was discovered that ZR364XX Camera USB device driver for the Linux kernel did not properly initialize memory. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15217) It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel made improper assumptions about the device characteristics. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2019-15218) It was discovered that the Line 6 POD USB device driver in the Linux kernel did not properly validate data size information from the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15221) It was discovered that the Line 6 USB driver for the Linux kernel contained a race condition when the device was disconnected. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15223) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: linux-image-5.0.0-1018-aws 5.0.0-1018.20 linux-image-5.0.0-1019-kvm 5.0.0-1019.20 linux-image-5.0.0-1019-raspi2 5.0.0-1019.19 linux-image-5.0.0-1020-gcp 5.0.0-1020.20 linux-image-5.0.0-1022-azure 5.0.0-1022.23 linux-image-5.0.0-1023-snapdragon 5.0.0-1023.24 linux-image-5.0.0-31-generic 5.0.0-31.33 linux-image-5.0.0-31-generic-lpae 5.0.0-31.33 linux-image-5.0.0-31-lowlatency 5.0.0-31.33 linux-image-aws 5.0.0.1018.19 linux-image-azure 5.0.0.1022.21 linux-image-gcp 5.0.0.1020.46 linux-image-generic 5.0.0.31.32 linux-image-generic-lpae 5.0.0.31.32 linux-image-gke 5.0.0.1020.46 linux-image-kvm 5.0.0.1019.19 linux-image-lowlatency 5.0.0.31.32 linux-image-raspi2 5.0.0.1019.16 linux-image-snapdragon 5.0.0.1023.16 linux-image-virtual 5.0.0.31.32 Ubuntu 18.04 LTS: linux-image-5.0.0-1020-gke 5.0.0-1020.20~18.04.1 linux-image-5.0.0-31-generic 5.0.0-31.33~18.04.1 linux-image-5.0.0-31-generic-lpae 5.0.0-31.33~18.04.1 linux-image-5.0.0-31-lowlatency 5.0.0-31.33~18.04.1 linux-image-generic-hwe-18.04 5.0.0.31.88 linux-image-generic-lpae-hwe-18.04 5.0.0.31.88 linux-image-gke-5.0 5.0.0.1020.9 linux-image-lowlatency-hwe-18.04 5.0.0.31.88 linux-image-snapdragon-hwe-18.04 5.0.0.31.88 linux-image-virtual-hwe-18.04 5.0.0.31.88 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://usn.ubuntu.com/4147-1 CVE-2019-0136, CVE-2019-10207, CVE-2019-13631, CVE-2019-15090, CVE-2019-15117, CVE-2019-15118, CVE-2019-15211, CVE-2019-15212, CVE-2019-15215, CVE-2019-15217, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15223, CVE-2019-15538, CVE-2019-15925, CVE-2019-15926, CVE-2019-9506 Package Information: https://launchpad.net/ubuntu/+source/linux/5.0.0-31.33 https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1018.20 https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1022.23 https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1020.20 https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1019.20 https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1019.19 https://launchpad.net/ubuntu/+source/linux-snapdragon/5.0.0-1023.24 https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1020.20~18.04.1 https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-31.33~18.04.1

Trust: 2.61

sources: NVD: CVE-2019-9506 // CERT/CC: VU#918987 // VULHUB: VHN-160941 // VULMON: CVE-2019-9506 // PACKETSTORM: 154779 // PACKETSTORM: 155121 // PACKETSTORM: 157216 // PACKETSTORM: 155147 // PACKETSTORM: 154863 // PACKETSTORM: 154862 // PACKETSTORM: 154879 // PACKETSTORM: 154740 // PACKETSTORM: 155006

AFFECTED PRODUCTS

vendor:	huawei	model:	y6 pro 2019	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	atomu-l41	scope:	lt	version:	8.0.0.153\(c461custc461d1\)	Trust: 1.0
vendor:	huawei	model:	charlotte-l29c	scope:	lt	version:	9.1.0.328\(c782e10r1p9t8\)	Trust: 1.0
vendor:	huawei	model:	imanager neteco	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	florida-l23	scope:	lt	version:	9.1.0.154\(c605e7r1p2t8\)	Trust: 1.0
vendor:	huawei	model:	figo-l31	scope:	lt	version:	9.1.0.122\(c09e7r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	figo-l31	scope:	lt	version:	9.1.0.165\(c10e8r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	berkeley-l09	scope:	lt	version:	9.1.0.332\(c432e5r1p13t8\)	Trust: 1.0
vendor:	huawei	model:	emily-l29c	scope:	lt	version:	9.1.0.328\(c432e7r1p11t8\)	Trust: 1.0
vendor:	huawei	model:	leland-l31a	scope:	eq	version:	-	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.13.6	Trust: 1.0
vendor:	redhat	model:	enterprise linux server	scope:	eq	version:	7.0	Trust: 1.0
vendor:	huawei	model:	nova 5	scope:	eq	version:	-	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	princeton-al10b	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	figo-l31	scope:	eq	version:	8.0.0.122d\(c652\)	Trust: 1.0
vendor:	huawei	model:	sydney-l22br	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	columbia-tl00d	scope:	lt	version:	8.1.0.186\(c01gt\)	Trust: 1.0
vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	8.2	Trust: 1.0
vendor:	redhat	model:	enterprise linux aus	scope:	eq	version:	7.5	Trust: 1.0
vendor:	huawei	model:	honor 20	scope:	lt	version:	9.1.0.149\(c675e8r2p1\)	Trust: 1.0
vendor:	huawei	model:	honor 20 pro	scope:	lt	version:	9.1.0.170\(c185e2r5p1\)	Trust: 1.0
vendor:	huawei	model:	lelandp-al10b	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	yale-al50a	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux for real time	scope:	eq	version:	7	Trust: 1.0
vendor:	huawei	model:	alp-al00b	scope:	lt	version:	9.1.0.333\(c00e333r2p1t8\)	Trust: 1.0
vendor:	huawei	model:	honor 20 pro	scope:	lt	version:	9.1.0.172\(c432e2r5p1\)	Trust: 1.0
vendor:	huawei	model:	y7 2019	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux for real time eus	scope:	eq	version:	8.2	Trust: 1.0
vendor:	huawei	model:	yale-l21a	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	columbia-l29d	scope:	lt	version:	9.1.0.350\(c636e3r1p13t8\)	Trust: 1.0
vendor:	redhat	model:	enterprise linux for real time for nfv	scope:	eq	version:	7	Trust: 1.0
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	7.4	Trust: 1.0
vendor:	huawei	model:	emily-l29c	scope:	lt	version:	9.1.0.325\(c185e2r1p12t8\)	Trust: 1.0
vendor:	huawei	model:	y5 2018	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	asoka-al00ax	scope:	lt	version:	9.1.1.181\(c00e48r6p1\)	Trust: 1.0
vendor:	huawei	model:	paris-l21b	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	charlotte-l29c	scope:	lt	version:	9.1.0.325\(c185e4r1p11t8\)	Trust: 1.0
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	8.2	Trust: 1.0
vendor:	huawei	model:	columbia-al10i	scope:	lt	version:	9.1.0.335\(c675e8r1p9t8\)	Trust: 1.0
vendor:	redhat	model:	enterprise linux for real time for nfv	scope:	eq	version:	8	Trust: 1.0
vendor:	huawei	model:	potter-al00c	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	potter-al10a	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	7.3	Trust: 1.0
vendor:	huawei	model:	tony-al00b	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	nova 4	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	bla-tl00b	scope:	lt	version:	9.1.0.329\(c01e320r1p1t8\)	Trust: 1.0
vendor:	huawei	model:	yale-al00a	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	7.6	Trust: 1.0
vendor:	huawei	model:	leland-l21a	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	columbia-al10b	scope:	lt	version:	9.1.0.333\(c00e333r1p1t8\)	Trust: 1.0
vendor:	huawei	model:	p smart 2019	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	columbia-l29d	scope:	lt	version:	9.1.0.350\(c185e3r1p12t8\)	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	redhat	model:	enterprise linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	huawei	model:	lelandp-al10d	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	figo-l23	scope:	lt	version:	9.1.0.160\(c605e6r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	bla-l29c	scope:	lt	version:	9.1.0.306\(c636e2r1p13t8\)	Trust: 1.0
vendor:	huawei	model:	leland-l42a	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	paris-l21meb	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	sydney-l22	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	lelandp-l22a	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	neo-al00d	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	7.6	Trust: 1.0
vendor:	huawei	model:	columbia-l29d	scope:	lt	version:	9.1.0.351\(c432e5r1p13t8\)	Trust: 1.0
vendor:	huawei	model:	lelandp-al00c	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	florida-l21	scope:	lt	version:	9.1.0.150\(c432e6r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	bla-l29c	scope:	lt	version:	9.1.0.306\(c185e2r1p13t8\)	Trust: 1.0
vendor:	huawei	model:	bla-l29c	scope:	lt	version:	9.1.0.307\(c635e4r1p13t8\)	Trust: 1.0
vendor:	huawei	model:	katyusha-al00a	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	harry-al00c	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	princeton-tl10c	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	honor 8x	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	honor 20 pro	scope:	lt	version:	9.1.0.171\(c10e2r3p1\)	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	eq	version:	12.4	Trust: 1.0
vendor:	huawei	model:	ares-al00b	scope:	lt	version:	9.1.0.160\(c00e160r2p5t8\)	Trust: 1.0
vendor:	huawei	model:	honor 20	scope:	lt	version:	9.1.0.143\(c675e8r2p1\)	Trust: 1.0
vendor:	huawei	model:	yale-l61c	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	columbia-l29d	scope:	lt	version:	9.1.0.350\(c10e5r1p14t8\)	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.14.5	Trust: 1.0
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	8.2	Trust: 1.0
vendor:	huawei	model:	nova 5i pro	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux for real time for nfv eus	scope:	eq	version:	8.4	Trust: 1.0
vendor:	huawei	model:	dubai-al00a	scope:	lt	version:	8.2.0.190\(c00r2p2\)	Trust: 1.0
vendor:	huawei	model:	bla-l29c	scope:	lt	version:	9.1.0.306\(c432e4r1p11t8\)	Trust: 1.0
vendor:	huawei	model:	sydney-l21br	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	cornell-l29a	scope:	lt	version:	9.1.0.347\(c432e1r1p9t8\)	Trust: 1.0
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	7.3	Trust: 1.0
vendor:	huawei	model:	cornell-al00ind	scope:	lt	version:	8.2.0.141\(c675custc675d1gt\)	Trust: 1.0
vendor:	huawei	model:	cornell-l29a	scope:	lt	version:	9.1.0.342\(c461e1r1p9t8\)	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	19.04	Trust: 1.0
vendor:	huawei	model:	cairogo-l22	scope:	lt	version:	cairogo-l22c461b153	Trust: 1.0
vendor:	huawei	model:	london-al40ind	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	florida-l21	scope:	lt	version:	9.1.0.150\(c185e6r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	florida-tl10b	scope:	lt	version:	9.1.0.128\(c01e112r1p6t8\)	Trust: 1.0
vendor:	huawei	model:	honor view 20	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	yale-tl00b	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	sydneym-l03	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	cornell-tl10b	scope:	lt	version:	9.1.0.333\(c01e333r1p1t8\)	Trust: 1.0
vendor:	huawei	model:	dura-al00a	scope:	lt	version:	1.0.0.182\(c00\)	Trust: 1.0
vendor:	huawei	model:	figo-l31	scope:	lt	version:	9.1.0.137\(c33e8r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	emily-l29c	scope:	eq	version:	8.1.0.156\(c605\)	Trust: 1.0
vendor:	huawei	model:	mate 20 pro	scope:	eq	version:	-	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	eq	version:	10.12.6	Trust: 1.0
vendor:	huawei	model:	honor view 10	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	honor 10 lite	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	honor 20 pro	scope:	lt	version:	9.1.0.154\(c185e2r5p1\)	Trust: 1.0
vendor:	redhat	model:	mrg realtime	scope:	eq	version:	2.0	Trust: 1.0
vendor:	huawei	model:	lelandp-l22c	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	leland-l42c	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	sydneym-l23	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	y6 prime 2018	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	7.7	Trust: 1.0
vendor:	huawei	model:	berkeley-tl10	scope:	lt	version:	9.1.0.333\(c01e333r1p1t8\)	Trust: 1.0
vendor:	huawei	model:	madrid-al00a	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	7.6	Trust: 1.0
vendor:	huawei	model:	figo-l31	scope:	lt	version:	9.1.0.158\(c432e8r1p5t8\)	Trust: 1.0
vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	8.4	Trust: 1.0
vendor:	huawei	model:	emily-l29c	scope:	lt	version:	9.1.0.311\(c461e2r1p11t8\)	Trust: 1.0
vendor:	redhat	model:	enterprise linux tus	scope:	eq	version:	7.6	Trust: 1.0
vendor:	huawei	model:	sydney-l21	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	lelandp-l22d	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	yalep-al10b	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux for real time eus	scope:	eq	version:	8.4	Trust: 1.0
vendor:	huawei	model:	bla-l29c	scope:	lt	version:	9.1.0.300\(c605e2r1p12t8\)	Trust: 1.0
vendor:	huawei	model:	honor 20 pro	scope:	lt	version:	9.1.0.155\(c10e2r3p1\)	Trust: 1.0
vendor:	huawei	model:	cornell-l29a	scope:	lt	version:	9.1.0.336\(c636e2r1p12t8\)	Trust: 1.0
vendor:	huawei	model:	johnson-tl00f	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	madrid-tl00a	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	7.7	Trust: 1.0
vendor:	huawei	model:	cornell-al00a	scope:	lt	version:	9.1.0.333\(c00e333r1p1t8\)	Trust: 1.0
vendor:	huawei	model:	princeton-al10d	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	sydneym-l21	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	dura-tl00a	scope:	lt	version:	1.0.0.176\(c01\)	Trust: 1.0
vendor:	huawei	model:	charlotte-l29c	scope:	lt	version:	9.1.0.328\(c432e5r1p9t8\)	Trust: 1.0
vendor:	huawei	model:	emily-l29c	scope:	lt	version:	9.1.0.325\(c636e7r1p13t8\)	Trust: 1.0
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	8.4	Trust: 1.0
vendor:	huawei	model:	p30	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	emily-l29c	scope:	lt	version:	9.1.0.326\(c635e2r1p11t8\)	Trust: 1.0
vendor:	huawei	model:	atomu-l33	scope:	lt	version:	8.0.0.147\(c605custc605d1\)	Trust: 1.0
vendor:	huawei	model:	y9 2019	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	harry-tl00c	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	tony-tl00b	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	berkeley-l09	scope:	lt	version:	9.1.0.350\(c10e3r1p14t8\)	Trust: 1.0
vendor:	huawei	model:	florida-al20b	scope:	lt	version:	9.1.0.128\(c00e112r1p6t8\)	Trust: 1.0
vendor:	huawei	model:	sydneym-l22	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	leland-l32c	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	y6 2019	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	figo-l31	scope:	lt	version:	9.1.0.137\(c530e8r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	honor 20 pro	scope:	lt	version:	9.1.0.154\(c636e2r3p1\)	Trust: 1.0
vendor:	huawei	model:	imanager neteco 6000	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	sydneym-l01	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	sydney-al00	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux eus	scope:	eq	version:	8.1	Trust: 1.0
vendor:	huawei	model:	mate 20	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	leland-tl10c	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	sydneym-al00	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	p20 pro	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	y5 lite	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	atomu-l42	scope:	lt	version:	8.0.0.155\(c636custc636d1\)	Trust: 1.0
vendor:	huawei	model:	mate 20 x	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	leland-tl10b	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	cornell-l29a	scope:	lt	version:	9.1.0.341\(c185e1r1p9t8\)	Trust: 1.0
vendor:	huawei	model:	laya-al00ep	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	charlotte-l29c	scope:	lt	version:	9.1.0.311\(c605e2r1p11t8\)	Trust: 1.0
vendor:	apple	model:	watchos	scope:	eq	version:	5.3	Trust: 1.0
vendor:	huawei	model:	honor 20 pro	scope:	lt	version:	9.1.0.154\(c432e2r5p1\)	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.04	Trust: 1.0
vendor:	huawei	model:	leland-l32a	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	virtualization host eus	scope:	eq	version:	4.2	Trust: 1.0
vendor:	huawei	model:	cornell-al00i	scope:	lt	version:	9.1.0.363\(c675e3r1p9t8\)	Trust: 1.0
vendor:	huawei	model:	harry-al10b	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	ares-tl00c	scope:	lt	version:	9.1.0.165\(c01e165r2p5t8\)	Trust: 1.0
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	7.7	Trust: 1.0
vendor:	huawei	model:	berkeley-l09	scope:	lt	version:	9.1.0.350\(c636e4r1p13t8\)	Trust: 1.0
vendor:	huawei	model:	ares-al10d	scope:	lt	version:	9.1.0.160\(c00e160r2p5t8\)	Trust: 1.0
vendor:	huawei	model:	nova lite 3	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux server aus	scope:	eq	version:	8.4	Trust: 1.0
vendor:	huawei	model:	hima-l29c	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	cornell-al10ind	scope:	lt	version:	9.1.0.363\(c675e2r1p9t8\)	Trust: 1.0
vendor:	opensuse	model:	leap	scope:	eq	version:	15.1	Trust: 1.0
vendor:	huawei	model:	nova 3	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	p20	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	paris-l29b	scope:	eq	version:	-	Trust: 1.0
vendor:	redhat	model:	enterprise linux for real time	scope:	eq	version:	8	Trust: 1.0
vendor:	huawei	model:	barca-al00	scope:	lt	version:	8.0.0.366\(c00\)	Trust: 1.0
vendor:	apple	model:	tvos	scope:	eq	version:	12.4	Trust: 1.0
vendor:	huawei	model:	charlotte-l29c	scope:	lt	version:	9.1.0.325\(c636e2r1p12t8\)	Trust: 1.0
vendor:	huawei	model:	figo-tl10b	scope:	lt	version:	9.1.0.130\(c01e115r2p8t8\)	Trust: 1.0
vendor:	huawei	model:	p smart	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	honor 8a	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	columbia-l29d	scope:	lt	version:	9.1.0.350\(c461e3r1p11t8\)	Trust: 1.0
vendor:	redhat	model:	enterprise linux server tus	scope:	eq	version:	7.4	Trust: 1.0
vendor:	huawei	model:	jakarta-al00a	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	sydney-tl00	scope:	eq	version:	-	Trust: 1.0
vendor:	opensuse	model:	leap	scope:	eq	version:	15.0	Trust: 1.0
vendor:	huawei	model:	berkeley-al20	scope:	lt	version:	9.1.0.333\(c00e333r2p1t8\)	Trust: 1.0
vendor:	redhat	model:	enterprise linux for real time for nfv eus	scope:	eq	version:	8.2	Trust: 1.0
vendor:	huawei	model:	honor 20 pro	scope:	lt	version:	9.1.0.170\(c636e2r3p1\)	Trust: 1.0
vendor:	huawei	model:	paris-al00ic	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	johnson-tl00d	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	florida-l22	scope:	lt	version:	9.1.0.150\(c636e6r1p5t8\)	Trust: 1.0
vendor:	huawei	model:	p30 pro	scope:	eq	version:	-	Trust: 1.0
vendor:	huawei	model:	bla-al00b	scope:	lt	version:	9.1.0.329\(c786e320r2p1t8\)	Trust: 1.0
vendor:	huawei	model:	ever-l29b	scope:	lt	version:	9.1.0.338\(c185e3r3p1\)	Trust: 1.0
vendor:	blackberry	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	bluetooth sig	model:	-	scope:	-	version:	-	Trust: 0.8

sources: CERT/CC: VU#918987 // NVD: CVE-2019-9506

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-9506
value:	HIGH
Trust: 1.0
cret@cert.org:	CVE-2019-9506
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-9506
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201908-864
value:	HIGH
Trust: 0.6
VULHUB:	VHN-160941
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2019-9506
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-9506
severity:	MEDIUM
baseScore:	4.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	CVE-2019-9506
severity:	HIGH
baseScore:	7.8
vectorString:	NONE
accessVector:	ADJACENT NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	9.2
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-160941
severity:	MEDIUM
baseScore:	4.8
vectorString:	AV:A/AC:L/AU:N/C:P/I:P/A:N
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	6.5
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-9506
baseSeverity:	HIGH
baseScore:	8.1
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	5.2
version:	3.1
Trust: 1.0
cret@cert.org:	CVE-2019-9506
baseSeverity:	HIGH
baseScore:	7.6
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	2.8
impactScore:	4.7
version:	3.0
Trust: 1.0

sources: CERT/CC: VU#918987 // VULHUB: VHN-160941 // VULMON: CVE-2019-9506 // CNNVD: CNNVD-201908-864 // NVD: CVE-2019-9506 // NVD: CVE-2019-9506

PROBLEMTYPE DATA

problemtype:	CWE-310	Trust: 1.1
problemtype:	CWE-327	Trust: 1.1

sources: VULHUB: VHN-160941 // NVD: CVE-2019-9506

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-201908-864

TYPE

encryption problem

Trust: 0.6

sources: CNNVD: CNNVD-201908-864

PATCH

title:	Bluetooth Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96553	Trust: 0.6
title:	The Register	url:	https://www.theregister.co.uk/2019/08/22/cisco_patch_bundle/	Trust: 0.2
title:	Red Hat: Important: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193187 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kpatch-patch security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193231 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192975 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel-rt security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193165 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193218 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20201460 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193220 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel-rt security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193089 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193055 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kernel-alt security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193217 - Security Advisory	Trust: 0.1
title:	Red Hat: Important: kpatch-patch security update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193076 - Security Advisory	Trust: 0.1
title:	Red Hat: CVE-2019-9506	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2019-9506	Trust: 0.1
title:	Cisco: Key Negotiation of Bluetooth Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20190813-bluetooth	Trust: 0.1
title:	HP: HPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=HPSBPI03634	Trust: 0.1
title:	Red Hat: Important: kernel security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20200204 - Security Advisory	Trust: 0.1
title:	HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=814c3d5b0bc03fc1c34e62dbc5cf6bf7	Trust: 0.1
title:	HP: SUPPORT COMMUNICATION- SECURITY BULLETIN HPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=20bba81176880ee641f9d46354adc125	Trust: 0.1
title:	Red Hat: Important: kernel security, bug fix, and enhancement update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193517 - Security Advisory	Trust: 0.1
title:	Huawei Security Advisories: Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories&qid=4da976eef66883f5331725800e5cf063	Trust: 0.1
title:	Red Hat: Important: kernel-rt security and bug fix update	url:	https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20193309 - Security Advisory	Trust: 0.1
title:	Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4147-1	Trust: 0.1
title:	Fortinet Security Advisories: CVE-2019-9506 Encryption Key Negotiation of Bluetooth Vulnerability	url:	https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=FG-IR-19-224	Trust: 0.1
title:	Ubuntu Security Notice: linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 regression	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4115-2	Trust: 0.1
title:	Ubuntu Security Notice: linux, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4115-1	Trust: 0.1
title:	Ubuntu Security Notice: linux-aws vulnerabilities	url:	https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4118-1	Trust: 0.1
title:	knob	url:	https://github.com/francozappa/knob	Trust: 0.1
title:	bluetooth-KNOB	url:	https://github.com/u10427687/bluetooth-KNOB	Trust: 0.1
title:	-	url:	https://github.com/makaubenson/Fix-BT-Ubuntu	Trust: 0.1
title:	broadcom-bt-firmware	url:	https://github.com/winterheart/broadcom-bt-firmware	Trust: 0.1
title:	broadcom-bt-firmware	url:	https://github.com/AlexandrBing/broadcom-bt-firmware	Trust: 0.1
title:	Protocol-Vul	url:	https://github.com/WinMin/Protocol-Vul	Trust: 0.1
title:	awesome-bluetooth-security	url:	https://github.com/engn33r/awesome-bluetooth-security	Trust: 0.1
title:	-	url:	https://github.com/JeffroMF/awesome-bluetooth-security321	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/developer3000S/PoC-in-GitHub	Trust: 0.1
title:	CVE-POC	url:	https://github.com/0xT11/CVE-POC	Trust: 0.1
title:	-	url:	https://github.com/vincent-deng/veracode-container-security-finding-parser	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/hectorgie/PoC-in-GitHub	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/nomi-sec/PoC-in-GitHub	Trust: 0.1
title:	Symantec Threat Intelligence Blog	url:	https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-august-2019	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/cisco-patches-six-critical-bugs/147585/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/lenovo-warns-bugs-thinkpads/147338/	Trust: 0.1
title:	Threatpost	url:	https://threatpost.com/wormable-remote-desktop-bugs-august-patch-tuesday/147302/	Trust: 0.1
title:	BleepingComputer	url:	https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-traffic/	Trust: 0.1
title:	BleepingComputer	url:	https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-connections/	Trust: 0.1

sources: VULMON: CVE-2019-9506 // CNNVD: CNNVD-201908-864

EXTERNAL IDS

db:	NVD	id:	CVE-2019-9506	Trust: 2.7
db:	CERT/CC	id:	VU#918987	Trust: 2.6
db:	PACKETSTORM	id:	157216	Trust: 0.8
db:	CNNVD	id:	CNNVD-201908-864	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.0141	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1366	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1189	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1366.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4346	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4346.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4676	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.0262	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.3115	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4252	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1338	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4584	Trust: 0.6
db:	PACKETSTORM	id:	156058	Trust: 0.6
db:	LENOVO	id:	LEN-27173	Trust: 0.6
db:	PACKETSTORM	id:	155017	Trust: 0.1
db:	PACKETSTORM	id:	154949	Trust: 0.1
db:	PACKETSTORM	id:	154936	Trust: 0.1
db:	PACKETSTORM	id:	155004	Trust: 0.1
db:	VULHUB	id:	VHN-160941	Trust: 0.1
db:	VULMON	id:	CVE-2019-9506	Trust: 0.1
db:	PACKETSTORM	id:	154779	Trust: 0.1
db:	PACKETSTORM	id:	155121	Trust: 0.1
db:	PACKETSTORM	id:	155147	Trust: 0.1
db:	PACKETSTORM	id:	154863	Trust: 0.1
db:	PACKETSTORM	id:	154862	Trust: 0.1
db:	PACKETSTORM	id:	154879	Trust: 0.1
db:	PACKETSTORM	id:	154740	Trust: 0.1
db:	PACKETSTORM	id:	155006	Trust: 0.1

sources: CERT/CC: VU#918987 // VULHUB: VHN-160941 // VULMON: CVE-2019-9506 // PACKETSTORM: 154779 // PACKETSTORM: 155121 // PACKETSTORM: 157216 // PACKETSTORM: 155147 // PACKETSTORM: 154863 // PACKETSTORM: 154862 // PACKETSTORM: 154879 // PACKETSTORM: 154740 // PACKETSTORM: 155006 // CNNVD: CNNVD-201908-864 // NVD: CVE-2019-9506

REFERENCES

url:	https://access.redhat.com/errata/rhsa-2020:0204	Trust: 2.4
url:	https://access.redhat.com/errata/rhsa-2019:2975	Trust: 1.9
url:	https://access.redhat.com/errata/rhsa-2019:3055	Trust: 1.9
url:	https://access.redhat.com/errata/rhsa-2019:3076	Trust: 1.9
url:	https://access.redhat.com/errata/rhsa-2019:3089	Trust: 1.9
url:	https://access.redhat.com/errata/rhsa-2019:3187	Trust: 1.9
url:	https://access.redhat.com/errata/rhsa-2019:3220	Trust: 1.9
url:	https://access.redhat.com/errata/rhsa-2019:3309	Trust: 1.9
url:	https://access.redhat.com/errata/rhsa-2019:3517	Trust: 1.9
url:	https://www.kb.cert.org/vuls/id/918987/	Trust: 1.8
url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en	Trust: 1.8
url:	https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/	Trust: 1.8
url:	http://seclists.org/fulldisclosure/2019/aug/11	Trust: 1.8
url:	http://seclists.org/fulldisclosure/2019/aug/13	Trust: 1.8
url:	http://seclists.org/fulldisclosure/2019/aug/14	Trust: 1.8
url:	http://seclists.org/fulldisclosure/2019/aug/15	Trust: 1.8
url:	http://www.cs.ox.ac.uk/publications/publication12404-abstract.html	Trust: 1.8
url:	https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli	Trust: 1.8
url:	https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html	Trust: 1.8
url:	https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html	Trust: 1.8
url:	https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html	Trust: 1.8
url:	https://access.redhat.com/errata/rhsa-2019:3165	Trust: 1.8
url:	https://access.redhat.com/errata/rhsa-2019:3217	Trust: 1.8
url:	https://access.redhat.com/errata/rhsa-2019:3218	Trust: 1.8
url:	https://access.redhat.com/errata/rhsa-2019:3231	Trust: 1.8
url:	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html	Trust: 1.8
url:	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html	Trust: 1.8
url:	https://usn.ubuntu.com/4115-1/	Trust: 1.8
url:	https://usn.ubuntu.com/4118-1/	Trust: 1.8
url:	https://usn.ubuntu.com/4147-1/	Trust: 1.8
url:	https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-9506	Trust: 1.5
url:	https://github.com/francozappa/knob	Trust: 0.9
url:	https://www.bluetooth.com/specifications/adopted-specifications	Trust: 0.8
url:	https://www.usenix.org/system/files/sec19-antonioli.pdf	Trust: 0.8
url:	https://www.icasi.org/br-edr-encryption-key-bluetooth-vulnerability/	Trust: 0.8
url:	http://support.blackberry.com/kb/articledetail?articlenumber=000057251	Trust: 0.8
url:	https://www.redhat.com/mailman/listinfo/rhsa-announce	Trust: 0.8
url:	https://access.redhat.com/security/cve/cve-2019-9506	Trust: 0.8
url:	https://bugzilla.redhat.com/):	Trust: 0.8
url:	https://access.redhat.com/security/team/key/	Trust: 0.8
url:	https://access.redhat.com/articles/11258	Trust: 0.8
url:	https://access.redhat.com/security/team/contact/	Trust: 0.8
url:	https://access.redhat.com/security/updates/classification/#important	Trust: 0.8
url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190813-bluetooth	Trust: 0.7
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20193294-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20193295-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20192984-1.html	Trust: 0.6
url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00237.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20193200-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20192953-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20192952-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20192951-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20192948-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20192947-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2020/suse-su-20200093-1.html	Trust: 0.6
url:	https://packetstormsecurity.com/files/157216/red-hat-security-advisory-2020-1460-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1338/	Trust: 0.6
url:	https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/cve-2019-9506	Trust: 0.6
url:	https://support.lenovo.com/us/en/product_security/len-27173	Trust: 0.6
url:	https://support.apple.com/en-us/ht210353	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4676/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4346/	Trust: 0.6
url:	https://support.apple.com/en-us/ht210346	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4252/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4584/	Trust: 0.6
url:	https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190828-01-knob-cn	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0141/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.0262/	Trust: 0.6
url:	https://packetstormsecurity.com/files/156058/red-hat-security-advisory-2020-0204-01.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.3115/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/bluetooth-br-edr-information-disclosure-via-key-negotiation-30041	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4346.2/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1189/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1366/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1366.2/	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10126	Trust: 0.5
url:	https://access.redhat.com/security/cve/cve-2019-10126	Trust: 0.5
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10207	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-3900	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2019-3900	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2019-3846	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20856	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2019-3846	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2018-20856	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2019-1125	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-1125	Trust: 0.2
url:	https://access.redhat.com/articles/4329821	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-5489	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-11884	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11884	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-3459	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-7222	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-16884	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-3874	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-10207	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-19985	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-13233	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-14821	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19854	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-3882	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11599	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-3874	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13233	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-11599	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-14821	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-20169	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-20169	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-15916	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-3460	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-5489	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-3460	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-10638	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-7222	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19985	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11833	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2018-19854	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-10638	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15916	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2019-3882	Trust: 0.2
url:	https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2018-16884	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-11833	Trust: 0.2
url:	https://access.redhat.com/security/cve/cve-2019-3459	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/327.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.kb.cert.org/vuls/id/918987	Trust: 0.1
url:	https://access.redhat.com/errata/rhsa-2020:1460	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2015-1593	Trust: 0.1
url:	https://access.redhat.com/security/cve/cve-2015-1593	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15223	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux/5.0.0-31.33	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15538	Trust: 0.1
url:	https://usn.ubuntu.com/4147-1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15118	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15221	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15090	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15217	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-13631	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15925	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-snapdragon/5.0.0-1023.24	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-31.33~18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1020.20	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15117	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15220	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1019.19	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15211	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1018.20	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15926	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15218	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1022.23	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15215	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1020.20~18.04.1	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-0136	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1019.20	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-15212	Trust: 0.1

CREDITS

Red Hat

Trust: 0.8

sources: PACKETSTORM: 154779 // PACKETSTORM: 155121 // PACKETSTORM: 157216 // PACKETSTORM: 155147 // PACKETSTORM: 154863 // PACKETSTORM: 154862 // PACKETSTORM: 154879 // PACKETSTORM: 155006

SOURCES

db:	CERT/CC	id:	VU#918987
db:	VULHUB	id:	VHN-160941
db:	VULMON	id:	CVE-2019-9506
db:	PACKETSTORM	id:	154779
db:	PACKETSTORM	id:	155121
db:	PACKETSTORM	id:	157216
db:	PACKETSTORM	id:	155147
db:	PACKETSTORM	id:	154863
db:	PACKETSTORM	id:	154862
db:	PACKETSTORM	id:	154879
db:	PACKETSTORM	id:	154740
db:	PACKETSTORM	id:	155006
db:	CNNVD	id:	CNNVD-201908-864
db:	NVD	id:	CVE-2019-9506

LAST UPDATE DATE

2024-11-11T19:47:03.900000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#918987	date:	2020-05-15T00:00:00
db:	VULHUB	id:	VHN-160941	date:	2021-11-04T00:00:00
db:	VULMON	id:	CVE-2019-9506	date:	2021-11-04T00:00:00
db:	CNNVD	id:	CNNVD-201908-864	date:	2021-11-05T00:00:00
db:	NVD	id:	CVE-2019-9506	date:	2021-11-04T15:58:19.197

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#918987	date:	2019-08-14T00:00:00
db:	VULHUB	id:	VHN-160941	date:	2019-08-14T00:00:00
db:	VULMON	id:	CVE-2019-9506	date:	2019-08-14T00:00:00
db:	PACKETSTORM	id:	154779	date:	2019-10-08T20:44:06
db:	PACKETSTORM	id:	155121	date:	2019-11-06T15:33:55
db:	PACKETSTORM	id:	157216	date:	2020-04-14T15:40:41
db:	PACKETSTORM	id:	155147	date:	2019-11-06T15:49:15
db:	PACKETSTORM	id:	154863	date:	2019-10-15T22:22:11
db:	PACKETSTORM	id:	154862	date:	2019-10-15T22:21:55
db:	PACKETSTORM	id:	154879	date:	2019-10-16T15:06:37
db:	PACKETSTORM	id:	154740	date:	2019-10-05T14:13:57
db:	PACKETSTORM	id:	155006	date:	2019-10-29T14:49:44
db:	CNNVD	id:	CNNVD-201908-864	date:	2019-08-13T00:00:00
db:	NVD	id:	CVE-2019-9506	date:	2019-08-14T17:15:11.597