Sign-up

ID

VAR-201909-0695


CVE

CVE-2019-14835


TITLE

Linux Kernel Vulnerable to classic buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2019-009455

DESCRIPTION

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. Linux Kernel Contains a classic buffer overflow vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The following packages have been upgraded to a later upstream version: redhat-release-virtualization-host (4.3.5), redhat-virtualization-host (4.3.5). 7.3) - noarch, x86_64 3. (CVE-2019-14835) * kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * fs deadlock when a memory allocation waits on page writeback in NOFS context (BZ#1729105) * fragmented packets timing out (BZ#1729410) * kernel build: speed up debuginfo extraction (BZ#1731461) * use "make -jN" for modules_install (BZ#1735080) * shmem: consider shm_mnt as a long-term mount (BZ#1737375) * Backport TCP follow-up for small buffers (BZ#1739126) 4. ========================================================================== Kernel Live Patch Security Notice 0058-1 October 22, 2019 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu: | Series | Base kernel | Arch | flavors | |------------------+--------------+----------+------------------| | Ubuntu 18.04 LTS | 4.15.0 | amd64 | aws | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | oem | | Ubuntu 18.04 LTS | 5.0.0 | amd64 | azure | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | aws | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 16.04 LTS | 4.15.0 | amd64 | azure | | Ubuntu 16.04 LTS | 4.15.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.15.0 | amd64 | lowlatency | Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: It was discovered that a race condition existed in the GFS2 file system in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2016-10905) It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-20856) It was discovered that the USB gadget Midi driver in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-20961) It was discovered that the XFS file system in the Linux kernel did not properly handle mount failures in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2018-20976) It was discovered that the RSI 91x Wi-Fi driver in the Linux kernel did not did not handle detach operations correctly, leading to a use-after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-21008) It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136) It was discovered that the Linux kernel on ARM processors allowed a tracing process to modify a syscall after a seccomp decision had been made on that syscall. A local attacker could possibly use this to bypass seccomp restrictions. (CVE-2019-2054) It was discovered that an integer overflow existed in the Binder implementation of the Linux kernel, leading to a buffer overflow. A local attacker could use this to escalate privileges. (CVE-2019-2181) It was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-3846) It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-10126) It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207) Jonathan Looney discovered that an integer overflow existed in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service (system crash). (CVE-2019-11477) Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (CVE-2019-11478) It was discovered that the ext4 file system implementation in the Linux kernel did not properly zero out memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-11833) It was discovered that the PowerPC dlpar implementation in the Linux kernel did not properly check for allocation errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-12614) It was discovered that the floppy driver in the Linux kernel did not properly validate meta data, leading to a buffer overread. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-14283) It was discovered that the floppy driver in the Linux kernel did not properly validate ioctl() calls, leading to a division-by-zero. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-14284) Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14814) Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14815) Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14816) Matt Delco discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform bounds checking when handling coalesced MMIO write operations. A local attacker with write access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-14821) Peter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. (CVE-2019-14835) Update instructions: The problem can be corrected by updating your livepatches to the following versions: | Kernel | Version | flavors | |--------------------------+----------+--------------------------| | 4.4.0-148.174 | 58.1 | lowlatency, generic | | 4.4.0-148.174~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-150.176 | 58.1 | generic, lowlatency | | 4.4.0-150.176~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-151.178 | 58.1 | lowlatency, generic | | 4.4.0-151.178~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-154.181 | 58.1 | lowlatency, generic | | 4.4.0-154.181~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-157.185 | 58.1 | lowlatency, generic | | 4.4.0-157.185~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-159.187 | 58.1 | lowlatency, generic | | 4.4.0-159.187~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-161.189 | 58.1 | lowlatency, generic | | 4.4.0-161.189~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-164.192 | 58.1 | lowlatency, generic | | 4.4.0-164.192~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-165.193 | 58.1 | generic, lowlatency | | 4.4.0-1083.93 | 58.1 | aws | | 4.4.0-1084.94 | 58.1 | aws | | 4.4.0-1085.96 | 58.1 | aws | | 4.4.0-1087.98 | 58.1 | aws | | 4.4.0-1088.99 | 58.1 | aws | | 4.4.0-1090.101 | 58.1 | aws | | 4.4.0-1092.103 | 58.1 | aws | | 4.4.0-1094.105 | 58.1 | aws | | 4.15.0-50.54 | 58.1 | generic, lowlatency | | 4.15.0-50.54~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-51.55 | 58.1 | generic, lowlatency | | 4.15.0-51.55~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-52.56 | 58.1 | lowlatency, generic | | 4.15.0-52.56~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-54.58 | 58.1 | generic, lowlatency | | 4.15.0-54.58~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-55.60 | 58.1 | generic, lowlatency | | 4.15.0-58.64 | 58.1 | generic, lowlatency | | 4.15.0-58.64~16.04.1 | 58.1 | lowlatency, generic | | 4.15.0-60.67 | 58.1 | lowlatency, generic | | 4.15.0-60.67~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-62.69 | 58.1 | generic, lowlatency | | 4.15.0-62.69~16.04.1 | 58.1 | lowlatency, generic | | 4.15.0-64.73 | 58.1 | generic, lowlatency | | 4.15.0-64.73~16.04.1 | 58.1 | lowlatency, generic | | 4.15.0-65.74 | 58.1 | lowlatency, generic | | 4.15.0-1038.43 | 58.1 | oem | | 4.15.0-1039.41 | 58.1 | aws | | 4.15.0-1039.44 | 58.1 | oem | | 4.15.0-1040.42 | 58.1 | aws | | 4.15.0-1041.43 | 58.1 | aws | | 4.15.0-1043.45 | 58.1 | aws | | 4.15.0-1043.48 | 58.1 | oem | | 4.15.0-1044.46 | 58.1 | aws | | 4.15.0-1045.47 | 58.1 | aws | | 4.15.0-1045.50 | 58.1 | oem | | 4.15.0-1047.49 | 58.1 | aws | | 4.15.0-1047.51 | 58.1 | azure | | 4.15.0-1048.50 | 58.1 | aws | | 4.15.0-1049.54 | 58.1 | azure | | 4.15.0-1050.52 | 58.1 | aws | | 4.15.0-1050.55 | 58.1 | azure | | 4.15.0-1050.57 | 58.1 | oem | | 4.15.0-1051.53 | 58.1 | aws | | 4.15.0-1051.56 | 58.1 | azure | | 4.15.0-1052.57 | 58.1 | azure | | 4.15.0-1055.60 | 58.1 | azure | | 4.15.0-1056.61 | 58.1 | azure | | 4.15.0-1056.65 | 58.1 | oem | | 4.15.0-1057.62 | 58.1 | azure | | 4.15.0-1057.66 | 58.1 | oem | | 4.15.0-1059.64 | 58.1 | azure | | 5.0.0-1014.14~18.04.1 | 58.1 | azure | | 5.0.0-1016.17~18.04.1 | 58.1 | azure | | 5.0.0-1018.19~18.04.1 | 58.1 | azure | | 5.0.0-1020.21~18.04.1 | 58.1 | azure | Support Information: Kernels older than the levels listed below do not receive livepatch updates. Please upgrade your kernel as soon as possible. | Series | Version | Flavors | |------------------+------------------+--------------------------| | Ubuntu 18.04 LTS | 4.15.0-1039 | aws | | Ubuntu 16.04 LTS | 4.4.0-1083 | aws | | Ubuntu 18.04 LTS | 5.0.0-1000 | azure | | Ubuntu 16.04 LTS | 4.15.0-1047 | azure | | Ubuntu 18.04 LTS | 4.15.0-50 | generic lowlatency | | Ubuntu 16.04 LTS | 4.15.0-50 | generic lowlatency | | Ubuntu 14.04 LTS | 4.4.0-148 | generic lowlatency | | Ubuntu 18.04 LTS | 4.15.0-1038 | oem | | Ubuntu 16.04 LTS | 4.4.0-148 | generic lowlatency | References: CVE-2016-10905, CVE-2018-20856, CVE-2018-20961, CVE-2018-20976, CVE-2018-21008, CVE-2019-0136, CVE-2019-2054, CVE-2019-2181, CVE-2019-3846, CVE-2019-10126, CVE-2019-10207, CVE-2019-11477, CVE-2019-11478, CVE-2019-11833, CVE-2019-12614, CVE-2019-14283, CVE-2019-14284, CVE-2019-14814, CVE-2019-14815, CVE-2019-14816, CVE-2019-14821, CVE-2019-14835 -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . 7.6) - ppc64le, x86_64 3. Description: This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.199/*: Upgraded. These updates fix various bugs and security issues. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 4.4.191: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3900 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15118 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10905 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10638 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15117 Fixed in 4.4.193: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14835 Fixed in 4.4.194: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14816 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14814 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15505 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14821 Fixed in 4.4.195: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17053 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17052 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17056 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17055 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17054 Fixed in 4.4.196: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2215 Fixed in 4.4.197: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16746 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20976 Fixed in 4.4.198: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17075 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17133 Fixed in 4.4.199: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15098 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-generic-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-huge-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-modules-smp-4.4.199_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199_smp-noarch-1.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-generic-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-headers-4.4.199-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-huge-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-modules-4.4.199-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.199/kernel-source-4.4.199-noarch-1.txz MD5 signatures: +-------------+ Slackware 14.2 packages: 0e523f42e759ecc2399f36e37672f110 kernel-generic-4.4.199-i586-1.txz ee6451f5362008b46fee2e08e3077b21 kernel-generic-smp-4.4.199_smp-i686-1.txz a8338ef88f2e3ea9c74d564c36ccd420 kernel-headers-4.4.199_smp-x86-1.txz cd9e9c241e4eec2fba1dae658a28870e kernel-huge-4.4.199-i586-1.txz 842030890a424023817d42a83a86a7f4 kernel-huge-smp-4.4.199_smp-i686-1.txz 257db024bb4501548ac9118dbd2d9ae6 kernel-modules-4.4.199-i586-1.txz 96377cbaf7bca55aaca70358c63151a7 kernel-modules-smp-4.4.199_smp-i686-1.txz 0673e86466f9e624964d95107cf6712f kernel-source-4.4.199_smp-noarch-1.txz Slackware x86_64 14.2 packages: 6d1ff428e7cad6caa8860acc402447a1 kernel-generic-4.4.199-x86_64-1.txz dadc091dc725b8227e0d1e35098d6416 kernel-headers-4.4.199-x86-1.txz f5f4c034203f44dd1513ad3504c42515 kernel-huge-4.4.199-x86_64-1.txz a5337cd8b2ca80d4d93b9e9688e42b03 kernel-modules-4.4.199-x86_64-1.txz 5dd6e46c04f37b97062dc9e52cc38add kernel-source-4.4.199-noarch-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg kernel-*.txz If you are using an initrd, you'll need to rebuild it. For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199-smp | bash For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.199 | bash Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 4.4.199-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 4.4.199 as the version. If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly prepared before rebooting. If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader. If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. 6) - i386, x86_64 3. (CVE-2019-15031) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: linux-image-3.13.0-173-generic 3.13.0-173.224 linux-image-3.13.0-173-generic-lpae 3.13.0-173.224 linux-image-3.13.0-173-lowlatency 3.13.0-173.224 linux-image-3.13.0-173-powerpc-e500 3.13.0-173.224 linux-image-3.13.0-173-powerpc-e500mc 3.13.0-173.224 linux-image-3.13.0-173-powerpc-smp 3.13.0-173.224 linux-image-3.13.0-173-powerpc64-emb 3.13.0-173.224 linux-image-3.13.0-173-powerpc64-smp 3.13.0-173.224 linux-image-4.15.0-1059-azure 4.15.0-1059.64~14.04.1 linux-image-4.4.0-1054-aws 4.4.0-1054.58 linux-image-4.4.0-164-generic 4.4.0-164.192~14.04.1 linux-image-4.4.0-164-generic-lpae 4.4.0-164.192~14.04.1 linux-image-4.4.0-164-lowlatency 4.4.0-164.192~14.04.1 linux-image-4.4.0-164-powerpc-e500mc 4.4.0-164.192~14.04.1 linux-image-4.4.0-164-powerpc-smp 4.4.0-164.192~14.04.1 linux-image-4.4.0-164-powerpc64-emb 4.4.0-164.192~14.04.1 linux-image-4.4.0-164-powerpc64-smp 4.4.0-164.192~14.04.1 linux-image-aws 4.4.0.1054.55 linux-image-azure 4.15.0.1059.45 linux-image-generic 3.13.0.173.184 linux-image-generic-lpae 3.13.0.173.184 linux-image-generic-lpae-lts-xenial 4.4.0.164.143 linux-image-generic-lts-xenial 4.4.0.164.143 linux-image-lowlatency 3.13.0.173.184 linux-image-lowlatency-lts-xenial 4.4.0.164.143 linux-image-powerpc-e500 3.13.0.173.184 linux-image-powerpc-e500mc 3.13.0.173.184 linux-image-powerpc-e500mc-lts-xenial 4.4.0.164.143 linux-image-powerpc-smp 3.13.0.173.184 linux-image-powerpc-smp-lts-xenial 4.4.0.164.143 linux-image-powerpc64-emb 3.13.0.173.184 linux-image-powerpc64-emb-lts-xenial 4.4.0.164.143 linux-image-powerpc64-smp 3.13.0.173.184 linux-image-powerpc64-smp-lts-xenial 4.4.0.164.143 linux-image-server 3.13.0.173.184 linux-image-virtual 3.13.0.173.184 linux-image-virtual-lts-xenial 4.4.0.164.143 Ubuntu 12.04 ESM: linux-image-3.13.0-173-generic 3.13.0-173.224~12.04.1 linux-image-3.13.0-173-generic-lpae 3.13.0-173.224~12.04.1 linux-image-3.13.0-173-lowlatency 3.13.0-173.224~12.04.1 linux-image-3.2.0-143-generic 3.2.0-143.190 linux-image-3.2.0-143-generic-pae 3.2.0-143.190 linux-image-3.2.0-143-highbank 3.2.0-143.190 linux-image-3.2.0-143-omap 3.2.0-143.190 linux-image-3.2.0-143-powerpc-smp 3.2.0-143.190 linux-image-3.2.0-143-powerpc64-smp 3.2.0-143.190 linux-image-3.2.0-143-virtual 3.2.0-143.190 linux-image-generic 3.2.0.143.158 linux-image-generic-lpae-lts-trusty 3.13.0.173.161 linux-image-generic-lts-trusty 3.13.0.173.161 linux-image-generic-pae 3.2.0.143.158 linux-image-highbank 3.2.0.143.158 linux-image-omap 3.2.0.143.158 linux-image-powerpc 3.2.0.143.158 linux-image-powerpc-smp 3.2.0.143.158 linux-image-powerpc64-smp 3.2.0.143.158 linux-image-server 3.2.0.143.158 linux-image-virtual 3.2.0.143.158 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2019:2829-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:2829 Issue date: 2019-09-20 CVE Names: CVE-2019-14835 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. (CVE-2019-14835) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1750727 - CVE-2019-14835 kernel: vhost-net: guest to host kernel escape during migration 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-1062.1.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm kernel-doc-3.10.0-1062.1.2.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.1.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm perf-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-1062.1.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm kernel-doc-3.10.0-1062.1.2.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.1.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm perf-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-1062.1.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm kernel-doc-3.10.0-1062.1.2.el7.noarch.rpm ppc64: bpftool-3.10.0-1062.1.2.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-3.10.0-1062.1.2.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debug-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.1.2.el7.ppc64.rpm kernel-devel-3.10.0-1062.1.2.el7.ppc64.rpm kernel-headers-3.10.0-1062.1.2.el7.ppc64.rpm kernel-tools-3.10.0-1062.1.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-tools-libs-3.10.0-1062.1.2.el7.ppc64.rpm perf-3.10.0-1062.1.2.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm python-perf-3.10.0-1062.1.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm ppc64le: bpftool-3.10.0-1062.1.2.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debug-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-devel-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-headers-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-tools-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1062.1.2.el7.ppc64le.rpm perf-3.10.0-1062.1.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm python-perf-3.10.0-1062.1.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm s390x: bpftool-3.10.0-1062.1.2.el7.s390x.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm kernel-3.10.0-1062.1.2.el7.s390x.rpm kernel-debug-3.10.0-1062.1.2.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.s390x.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1062.1.2.el7.s390x.rpm kernel-devel-3.10.0-1062.1.2.el7.s390x.rpm kernel-headers-3.10.0-1062.1.2.el7.s390x.rpm kernel-kdump-3.10.0-1062.1.2.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm kernel-kdump-devel-3.10.0-1062.1.2.el7.s390x.rpm perf-3.10.0-1062.1.2.el7.s390x.rpm perf-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm python-perf-3.10.0-1062.1.2.el7.s390x.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.s390x.rpm x86_64: bpftool-3.10.0-1062.1.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm perf-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bpftool-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.1.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1062.1.2.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.ppc64.rpm ppc64le: bpftool-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1062.1.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.ppc64le.rpm x86_64: bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-1062.1.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm kernel-doc-3.10.0-1062.1.2.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.1.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm kernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm perf-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-14835 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/kernel-vhost 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXYSDiNzjgjWX9erEAQiVUQ/9EzNEE3VBb1tjfASE0BrtTQXPGV5OD0jF xgNeuTZt7X15behgUtLM3tDg3eiPYZnEErojpJr52sh7Jz1J2GuVajbVpUtaW2Wm P+iI+zmtzhdUPns6zbuV4Qkyk0Q2WNxt1RLMcZeXtDMKiYN7Tj34wmF2aKhvAB6i Du+8LiPcsU84XcyT5z4lnG/iRCw1CqHvuVj7oJNQCWGC3X3Am6hkmuZ3Y1I5+cI8 mqJIb+aEbvVnAzDLdyl9JoTOPy+e5X0wHLiTEwKgp6k6IaWdVoPoxcrx4M8TPPbN 7A8Q7KrLAqeDNkft8YKmYgO3alE7915/FaRcpzAoPlBlot/OvCeiwP0qPjQ9ki0C JrOk98DYgRD0OxLfXoe4mMfYyh+yb+Q3APxjv6r75RJuxXIQGHMgo8EWVRNkA7Je 2CMFtk2J1x/eiQnRN/UbEri6oDc9LIC6o4eANEm1hNPNoYi66xPDeTMiwua79q0n SnPLqXjjm0jDft7XOvv/5H9AuaRjurZLzMf6a08OouxCkzM8t1iRCnBrVTAW+AqW j/0eZz+ElMoM4xTtzM1aZit+0dy0wVbTdeCpbVJQre89Z2iA1exdgptnO+8/oLa3 XnWaluoWVObovE4ev0czx8ML9oJ13gVglU2Zme3Uzian48/2+/bgJHrjr3J+GLYG 6PiQ0CEHbCQ=V1EB -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.52

sources: NVD: CVE-2019-14835 // JVNDB: JVNDB-2019-009455 // VULHUB: VHN-146821 // PACKETSTORM: 154585 // PACKETSTORM: 154608 // PACKETSTORM: 154951 // PACKETSTORM: 154564 // PACKETSTORM: 155212 // PACKETSTORM: 154569 // PACKETSTORM: 154563 // PACKETSTORM: 154513 // PACKETSTORM: 154541

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:ltversion:3.16.74

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:19.04

Trust: 1.0

vendor:netappmodel:h300sscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.4

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.0

Trust: 1.0

vendor:huaweimodel:imanager neteco 6000scope:eqversion:v600r008c20

Trust: 1.0

vendor:netappmodel:service processorscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.19

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.2

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.7

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.9

Trust: 1.0

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:12.04

Trust: 1.0

vendor:huaweimodel:imanager netecoscope:eqversion:v600r009c00

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.6

Trust: 1.0

vendor:huaweimodel:imanager netecoscope:eqversion:v600r009c10spc200

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:7.0

Trust: 1.0

vendor:huaweimodel:manageonescope:eqversion:6.5.0

Trust: 1.0

vendor:netappmodel:h300escope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.5

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:5.2

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.0

Trust: 1.0

vendor:netappmodel:h700escope:eqversion: -

Trust: 1.0

vendor:netappmodel:h500sscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux for real timescope:eqversion:8

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.3

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.6

Trust: 1.0

vendor:redhatmodel:openshift container platformscope:eqversion:3.11

Trust: 1.0

vendor:netappmodel:aff a700sscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:8.0

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.14

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.19.73

Trust: 1.0

vendor:huaweimodel:manageonescope:eqversion:6.5.1rc1.b080

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.7

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.6

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:6.0

Trust: 1.0

vendor:linuxmodel:kernelscope:eqversion:5.3

Trust: 1.0

vendor:redhatmodel:virtualizationscope:eqversion:4.0

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:10.0

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.14.144

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.6

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.4

Trust: 1.0

vendor:netappmodel:data availability servicesscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.9.193

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:netappmodel:h410cscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux desktopscope:eqversion:7.0

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:29

Trust: 1.0

vendor:netappmodel:h500escope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.4.193

Trust: 1.0

vendor:netappmodel:solidfirescope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.3

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:2.6.34

Trust: 1.0

vendor:netappmodel:h410sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:h610sscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux for real timescope:eqversion:7

Trust: 1.0

vendor:huaweimodel:manageonescope:eqversion:6.5.1rc1.b060

Trust: 1.0

vendor:huaweimodel:manageonescope:eqversion:6.5.0.spc100.b210

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:30

Trust: 1.0

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6.0

Trust: 1.0

vendor:huaweimodel:manageonescope:eqversion:6.5.rc2.b050

Trust: 1.0

vendor:redhatmodel:virtualization hostscope:eqversion:4.0

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.2

Trust: 1.0

vendor:netappmodel:h700sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:hci management nodescope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.7

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.6

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.2.15

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.4

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.5

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.1

Trust: 1.0

vendor:huaweimodel:imanager neteco 6000scope:eqversion:v600r008c10spc300

Trust: 1.0

vendor:canonicalmodel:ubuntuscope: - version: -

Trust: 0.8

vendor:linuxmodel:kernelscope:eqversion:2.6.34 to 5.2.x

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope: - version: -

Trust: 0.8

vendor:red hatmodel:virtualizationscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-009455 // NVD: CVE-2019-14835

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-14835
value: HIGH

Trust: 1.0

secalert@redhat.com: CVE-2019-14835
value: HIGH

Trust: 1.0

NVD: CVE-2019-14835
value: HIGH

Trust: 0.8

VULHUB: VHN-146821
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-14835
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-146821
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-14835
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

secalert@redhat.com: CVE-2019-14835
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: HIGH
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.6
impactScore: 6.0
version: 3.0

Trust: 1.0

NVD: CVE-2019-14835
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-146821 // JVNDB: JVNDB-2019-009455 // NVD: CVE-2019-14835 // NVD: CVE-2019-14835

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.9

sources: VULHUB: VHN-146821 // JVNDB: JVNDB-2019-009455 // NVD: CVE-2019-14835

THREAT TYPE

local

Trust: 0.2

sources: PACKETSTORM: 154951 // PACKETSTORM: 154513

TYPE

overflow

Trust: 0.6

sources: PACKETSTORM: 154585 // PACKETSTORM: 154608 // PACKETSTORM: 154564 // PACKETSTORM: 154569 // PACKETSTORM: 154563 // PACKETSTORM: 154541

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-009455

PATCH
title:Linux Kernel Archivesurl:http://www.kernel.org
Trust: 0.8
title:Bug 1750727url:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
Trust: 0.8
title:USN-4135-2url:https://usn.ubuntu.com/4135-2/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2019-009455

EXTERNAL IDS
db:NVDid:CVE-2019-14835
Trust: 2.8
db:OPENWALLid:OSS-SECURITY/2019/09/17/1
Trust: 1.9
db:PACKETSTORMid:155212
Trust: 1.2
db:PACKETSTORMid:154951
Trust: 1.2
db:PACKETSTORMid:154572
Trust: 1.1
db:OPENWALLid:OSS-SECURITY/2019/10/03/1
Trust: 1.1
db:OPENWALLid:OSS-SECURITY/2019/10/09/7
Trust: 1.1
db:OPENWALLid:OSS-SECURITY/2019/09/24/1
Trust: 1.1
db:OPENWALLid:OSS-SECURITY/2019/10/09/3
Trust: 1.1
db:JVNDBid:JVNDB-2019-009455
Trust: 0.8
db:PACKETSTORMid:154513
Trust: 0.2
db:PACKETSTORMid:154563
Trust: 0.2
db:PACKETSTORMid:154564
Trust: 0.2
db:PACKETSTORMid:154541
Trust: 0.2
db:PACKETSTORMid:154585
Trust: 0.2
db:PACKETSTORMid:154569
Trust: 0.2
db:PACKETSTORMid:154539
Trust: 0.1
db:PACKETSTORMid:154538
Trust: 0.1
db:PACKETSTORMid:154570
Trust: 0.1
db:PACKETSTORMid:154602
Trust: 0.1
db:PACKETSTORMid:154562
Trust: 0.1
db:PACKETSTORMid:154514
Trust: 0.1
db:PACKETSTORMid:154566
Trust: 0.1
db:PACKETSTORMid:154540
Trust: 0.1
db:PACKETSTORMid:154565
Trust: 0.1
db:PACKETSTORMid:154558
Trust: 0.1
db:PACKETSTORMid:154659
Trust: 0.1
db:CNNVDid:CNNVD-201909-807
Trust: 0.1
db:VULHUBid:VHN-146821
Trust: 0.1
db:PACKETSTORMid:154608
Trust: 0.1
sources:
            
            
            VULHUB: VHN-146821 // 
            
            
            
            JVNDB: JVNDB-2019-009455 // 
            
            
            
            PACKETSTORM: 154585 // 
            
            
            
            PACKETSTORM: 154608 // 
            
            
            
            PACKETSTORM: 154951 // 
            
            
            
            PACKETSTORM: 154564 // 
            
            
            
            PACKETSTORM: 155212 // 
            
            
            
            PACKETSTORM: 154569 // 
            
            
            
            PACKETSTORM: 154563 // 
            
            
            
            PACKETSTORM: 154513 // 
            
            
            
            PACKETSTORM: 154541 // 
            
            
            
            NVD: CVE-2019-14835

REFERENCES
url:https://www.openwall.com/lists/oss-security/2019/09/17/1
Trust: 1.9
url:https://nvd.nist.gov/vuln/detail/cve-2019-14835
Trust: 1.7
url:https://access.redhat.com/errata/rhsa-2019:2829
Trust: 1.2
url:https://access.redhat.com/errata/rhsa-2019:2863
Trust: 1.2
url:https://access.redhat.com/errata/rhsa-2019:2865
Trust: 1.2
url:https://access.redhat.com/errata/rhsa-2019:2869
Trust: 1.2
url:https://access.redhat.com/errata/rhsa-2019:2889
Trust: 1.2
url:https://access.redhat.com/errata/rhsa-2019:2900
Trust: 1.2
url:https://seclists.org/bugtraq/2019/sep/41
Trust: 1.1
url:https://seclists.org/bugtraq/2019/nov/11
Trust: 1.1
url:https://www.debian.org/security/2019/dsa-4531
Trust: 1.1
url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/yw3qnmpenpfegvtofpsnobl7jeijs25p/
Trust: 1.1
url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/kqfy6jyfiq2vfq7qcsxpwtul5zdncjl5/
Trust: 1.1
url:https://access.redhat.com/errata/rhba-2019:2824
Trust: 1.1
url:https://access.redhat.com/errata/rhsa-2019:2827
Trust: 1.1
url:https://access.redhat.com/errata/rhsa-2019:2828
Trust: 1.1
url:https://access.redhat.com/errata/rhsa-2019:2830
Trust: 1.1
url:https://access.redhat.com/errata/rhsa-2019:2854
Trust: 1.1
url:https://access.redhat.com/errata/rhsa-2019:2862
Trust: 1.1
url:https://access.redhat.com/errata/rhsa-2019:2864
Trust: 1.1
url:https://access.redhat.com/errata/rhsa-2019:2866
Trust: 1.1
url:https://access.redhat.com/errata/rhsa-2019:2867
Trust: 1.1
url:https://access.redhat.com/errata/rhsa-2019:2899
Trust: 1.1
url:https://access.redhat.com/errata/rhsa-2019:2901
Trust: 1.1
url:https://access.redhat.com/errata/rhsa-2019:2924
Trust: 1.1
url:https://usn.ubuntu.com/4135-1/
Trust: 1.1
url:https://usn.ubuntu.com/4135-2/
Trust: 1.1
url:https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html
Trust: 1.1
url:https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html
Trust: 1.1
url:http://www.openwall.com/lists/oss-security/2019/09/24/1
Trust: 1.1
url:http://www.openwall.com/lists/oss-security/2019/10/03/1
Trust: 1.1
url:http://www.openwall.com/lists/oss-security/2019/10/09/3
Trust: 1.1
url:http://www.openwall.com/lists/oss-security/2019/10/09/7
Trust: 1.1
url:http://packetstormsecurity.com/files/154572/kernel-live-patch-security-notice-lsn-0056-1.html
Trust: 1.1
url:http://packetstormsecurity.com/files/154951/kernel-live-patch-security-notice-lsn-0058-1.html
Trust: 1.1
url:http://packetstormsecurity.com/files/155212/slackware-security-advisory-slackware-14.2-kernel-updates.html
Trust: 1.1
url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en
Trust: 1.1
url:https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-14835
Trust: 1.1
url:https://security.netapp.com/advisory/ntap-20191031-0005/
Trust: 1.1
url:http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
Trust: 1.1
url:http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
Trust: 1.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14835
Trust: 0.9
url:https://www.redhat.com/mailman/listinfo/rhsa-announce
Trust: 0.6
url:https://access.redhat.com/security/vulnerabilities/kernel-vhost
Trust: 0.6
url:https://access.redhat.com/security/cve/cve-2019-14835
Trust: 0.6
url:https://bugzilla.redhat.com/):
Trust: 0.6
url:https://access.redhat.com/security/team/key/
Trust: 0.6
url:https://access.redhat.com/security/team/contact/
Trust: 0.6
url:https://access.redhat.com/security/updates/classification/#important
Trust: 0.6
url:https://access.redhat.com/articles/11258
Trust: 0.5
url:https://nvd.nist.gov/vuln/detail/cve-2019-14821
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2016-10905
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2019-14816
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2018-20976
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2019-14814
Trust: 0.2
url:https://access.redhat.com/articles/2974891
Trust: 0.1
url:https://access.redhat.com/security/cve/cve-2019-1125
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-1125
Trust: 0.1
url:https://access.redhat.com/articles/4329821
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-14815
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-20856
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-11478
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-2181
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-10207
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-11477
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-3846
Trust: 0.1
url:https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-12614
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-21008
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-10126
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-14284
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-14283
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-11833
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-2054
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-0136
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2018-20961
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-2215
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17054
Trust: 0.1
url:http://slackware.com
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-16746
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-17055
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17075
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-15118
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17053
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10906
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2016-10906
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-20976
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17052
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15117
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17133
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14816
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-15505
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15098
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-16746
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-17054
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-2215
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15118
Trust: 0.1
url:http://slackware.com/gpg-key
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10905
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-17056
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3900
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-15117
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17056
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14821
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-10638
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-15098
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-17075
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-17053
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-3900
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-10638
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17055
Trust: 0.1
url:http://osuosl.org)
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14814
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-17133
Trust: 0.1
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-15505
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-17052
Trust: 0.1
url:https://usn.ubuntu.com/4135-1
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-15030
Trust: 0.1
url:https://usn.ubuntu.com/4135-2
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2019-15031
Trust: 0.1
sources:
            
            
            VULHUB: VHN-146821 // 
            
            
            
            JVNDB: JVNDB-2019-009455 // 
            
            
            
            PACKETSTORM: 154585 // 
            
            
            
            PACKETSTORM: 154608 // 
            
            
            
            PACKETSTORM: 154951 // 
            
            
            
            PACKETSTORM: 154564 // 
            
            
            
            PACKETSTORM: 155212 // 
            
            
            
            PACKETSTORM: 154569 // 
            
            
            
            PACKETSTORM: 154563 // 
            
            
            
            PACKETSTORM: 154513 // 
            
            
            
            PACKETSTORM: 154541 // 
            
            
            
            NVD: CVE-2019-14835

CREDITS
Red Hat
Trust: 0.6
sources:
            
            
            PACKETSTORM: 154585 // 
            
            
            
            PACKETSTORM: 154608 // 
            
            
            
            PACKETSTORM: 154564 // 
            
            
            
            PACKETSTORM: 154569 // 
            
            
            
            PACKETSTORM: 154563 // 
            
            
            
            PACKETSTORM: 154541

SOURCES
db:VULHUBid:VHN-146821
db:JVNDBid:JVNDB-2019-009455
db:PACKETSTORMid:154585
db:PACKETSTORMid:154608
db:PACKETSTORMid:154951
db:PACKETSTORMid:154564
db:PACKETSTORMid:155212
db:PACKETSTORMid:154569
db:PACKETSTORMid:154563
db:PACKETSTORMid:154513
db:PACKETSTORMid:154541
db:NVDid:CVE-2019-14835

LAST UPDATE DATE
2024-12-25T20:45:19.814000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-146821date:2023-02-12T00:00:00
db:JVNDBid:JVNDB-2019-009455date:2019-09-20T00:00:00
db:NVDid:CVE-2019-14835date:2024-11-21T04:27:27.790

SOURCES RELEASE DATE
db:VULHUBid:VHN-146821date:2019-09-17T00:00:00
db:JVNDBid:JVNDB-2019-009455date:2019-09-20T00:00:00
db:PACKETSTORMid:154585date:2019-09-24T17:05:22
db:PACKETSTORMid:154608date:2019-09-25T18:06:56
db:PACKETSTORMid:154951date:2019-10-23T18:32:10
db:PACKETSTORMid:154564date:2019-09-23T18:26:04
db:PACKETSTORMid:155212date:2019-11-08T15:37:19
db:PACKETSTORMid:154569date:2019-09-23T18:26:57
db:PACKETSTORMid:154563date:2019-09-23T18:25:56
db:PACKETSTORMid:154513date:2019-09-18T21:22:34
db:PACKETSTORMid:154541date:2019-09-20T14:58:33
db:NVDid:CVE-2019-14835date:2019-09-17T16:15:10.980