ID

VAR-201909-1526


CVE

CVE-2019-14816


TITLE

Linux kernel Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-201908-2176

DESCRIPTION

There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code. (BZ#1782705) 4. ========================================================================== Kernel Live Patch Security Notice 0058-1 October 22, 2019 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu: | Series | Base kernel | Arch | flavors | |------------------+--------------+----------+------------------| | Ubuntu 18.04 LTS | 4.15.0 | amd64 | aws | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | generic | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | lowlatency | | Ubuntu 18.04 LTS | 4.15.0 | amd64 | oem | | Ubuntu 18.04 LTS | 5.0.0 | amd64 | azure | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | aws | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 16.04 LTS | 4.15.0 | amd64 | azure | | Ubuntu 16.04 LTS | 4.15.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.15.0 | amd64 | lowlatency | Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: It was discovered that a race condition existed in the GFS2 file system in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2016-10905) It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. (CVE-2018-20856) It was discovered that the USB gadget Midi driver in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-20961) It was discovered that the XFS file system in the Linux kernel did not properly handle mount failures in some situations. (CVE-2018-20976) It was discovered that the RSI 91x Wi-Fi driver in the Linux kernel did not did not handle detach operations correctly, leading to a use-after-free vulnerability. (CVE-2018-21008) It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136) It was discovered that the Linux kernel on ARM processors allowed a tracing process to modify a syscall after a seccomp decision had been made on that syscall. A local attacker could possibly use this to bypass seccomp restrictions. (CVE-2019-2054) It was discovered that an integer overflow existed in the Binder implementation of the Linux kernel, leading to a buffer overflow. A local attacker could use this to escalate privileges. (CVE-2019-2181) It was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. (CVE-2019-3846) It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. (CVE-2019-10126) It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207) Jonathan Looney discovered that an integer overflow existed in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service (system crash). (CVE-2019-11477) Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (CVE-2019-11478) It was discovered that the ext4 file system implementation in the Linux kernel did not properly zero out memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-11833) It was discovered that the PowerPC dlpar implementation in the Linux kernel did not properly check for allocation errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-12614) It was discovered that the floppy driver in the Linux kernel did not properly validate meta data, leading to a buffer overread. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-14283) It was discovered that the floppy driver in the Linux kernel did not properly validate ioctl() calls, leading to a division-by-zero. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-14284) Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. (CVE-2019-14814) Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. (CVE-2019-14815) Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. (CVE-2019-14816) Matt Delco discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform bounds checking when handling coalesced MMIO write operations. A local attacker with write access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-14821) Peter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. (CVE-2019-14835) Update instructions: The problem can be corrected by updating your livepatches to the following versions: | Kernel | Version | flavors | |--------------------------+----------+--------------------------| | 4.4.0-148.174 | 58.1 | lowlatency, generic | | 4.4.0-148.174~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-150.176 | 58.1 | generic, lowlatency | | 4.4.0-150.176~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-151.178 | 58.1 | lowlatency, generic | | 4.4.0-151.178~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-154.181 | 58.1 | lowlatency, generic | | 4.4.0-154.181~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-157.185 | 58.1 | lowlatency, generic | | 4.4.0-157.185~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-159.187 | 58.1 | lowlatency, generic | | 4.4.0-159.187~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-161.189 | 58.1 | lowlatency, generic | | 4.4.0-161.189~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-164.192 | 58.1 | lowlatency, generic | | 4.4.0-164.192~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-165.193 | 58.1 | generic, lowlatency | | 4.4.0-1083.93 | 58.1 | aws | | 4.4.0-1084.94 | 58.1 | aws | | 4.4.0-1085.96 | 58.1 | aws | | 4.4.0-1087.98 | 58.1 | aws | | 4.4.0-1088.99 | 58.1 | aws | | 4.4.0-1090.101 | 58.1 | aws | | 4.4.0-1092.103 | 58.1 | aws | | 4.4.0-1094.105 | 58.1 | aws | | 4.15.0-50.54 | 58.1 | generic, lowlatency | | 4.15.0-50.54~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-51.55 | 58.1 | generic, lowlatency | | 4.15.0-51.55~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-52.56 | 58.1 | lowlatency, generic | | 4.15.0-52.56~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-54.58 | 58.1 | generic, lowlatency | | 4.15.0-54.58~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-55.60 | 58.1 | generic, lowlatency | | 4.15.0-58.64 | 58.1 | generic, lowlatency | | 4.15.0-58.64~16.04.1 | 58.1 | lowlatency, generic | | 4.15.0-60.67 | 58.1 | lowlatency, generic | | 4.15.0-60.67~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-62.69 | 58.1 | generic, lowlatency | | 4.15.0-62.69~16.04.1 | 58.1 | lowlatency, generic | | 4.15.0-64.73 | 58.1 | generic, lowlatency | | 4.15.0-64.73~16.04.1 | 58.1 | lowlatency, generic | | 4.15.0-65.74 | 58.1 | lowlatency, generic | | 4.15.0-1038.43 | 58.1 | oem | | 4.15.0-1039.41 | 58.1 | aws | | 4.15.0-1039.44 | 58.1 | oem | | 4.15.0-1040.42 | 58.1 | aws | | 4.15.0-1041.43 | 58.1 | aws | | 4.15.0-1043.45 | 58.1 | aws | | 4.15.0-1043.48 | 58.1 | oem | | 4.15.0-1044.46 | 58.1 | aws | | 4.15.0-1045.47 | 58.1 | aws | | 4.15.0-1045.50 | 58.1 | oem | | 4.15.0-1047.49 | 58.1 | aws | | 4.15.0-1047.51 | 58.1 | azure | | 4.15.0-1048.50 | 58.1 | aws | | 4.15.0-1049.54 | 58.1 | azure | | 4.15.0-1050.52 | 58.1 | aws | | 4.15.0-1050.55 | 58.1 | azure | | 4.15.0-1050.57 | 58.1 | oem | | 4.15.0-1051.53 | 58.1 | aws | | 4.15.0-1051.56 | 58.1 | azure | | 4.15.0-1052.57 | 58.1 | azure | | 4.15.0-1055.60 | 58.1 | azure | | 4.15.0-1056.61 | 58.1 | azure | | 4.15.0-1056.65 | 58.1 | oem | | 4.15.0-1057.62 | 58.1 | azure | | 4.15.0-1057.66 | 58.1 | oem | | 4.15.0-1059.64 | 58.1 | azure | | 5.0.0-1014.14~18.04.1 | 58.1 | azure | | 5.0.0-1016.17~18.04.1 | 58.1 | azure | | 5.0.0-1018.19~18.04.1 | 58.1 | azure | | 5.0.0-1020.21~18.04.1 | 58.1 | azure | Support Information: Kernels older than the levels listed below do not receive livepatch updates. Please upgrade your kernel as soon as possible. | Series | Version | Flavors | |------------------+------------------+--------------------------| | Ubuntu 18.04 LTS | 4.15.0-1039 | aws | | Ubuntu 16.04 LTS | 4.4.0-1083 | aws | | Ubuntu 18.04 LTS | 5.0.0-1000 | azure | | Ubuntu 16.04 LTS | 4.15.0-1047 | azure | | Ubuntu 18.04 LTS | 4.15.0-50 | generic lowlatency | | Ubuntu 16.04 LTS | 4.15.0-50 | generic lowlatency | | Ubuntu 14.04 LTS | 4.4.0-148 | generic lowlatency | | Ubuntu 18.04 LTS | 4.15.0-1038 | oem | | Ubuntu 16.04 LTS | 4.4.0-148 | generic lowlatency | References: CVE-2016-10905, CVE-2018-20856, CVE-2018-20961, CVE-2018-20976, CVE-2018-21008, CVE-2019-0136, CVE-2019-2054, CVE-2019-2181, CVE-2019-3846, CVE-2019-10126, CVE-2019-10207, CVE-2019-11477, CVE-2019-11478, CVE-2019-11833, CVE-2019-12614, CVE-2019-14283, CVE-2019-14284, CVE-2019-14814, CVE-2019-14815, CVE-2019-14816, CVE-2019-14821, CVE-2019-14835 -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 19.04 for Ubuntu 18.04 LTS. Please note that the RDS protocol is blacklisted in Ubuntu by default. (CVE-2019-2181) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: linux-image-5.0.0-1021-gcp 5.0.0-1021.21~18.04.1 linux-image-5.0.0-1023-azure 5.0.0-1023.24~18.04.1 linux-image-5.0.0-1023-gke 5.0.0-1023.23~18.04.2 linux-image-5.0.0-32-generic 5.0.0-32.34~18.04.2 linux-image-5.0.0-32-generic-lpae 5.0.0-32.34~18.04.2 linux-image-5.0.0-32-lowlatency 5.0.0-32.34~18.04.2 linux-image-azure 5.0.0.1023.33 linux-image-gcp 5.0.0.1021.26 linux-image-generic-hwe-18.04 5.0.0.32.89 linux-image-generic-lpae-hwe-18.04 5.0.0.32.89 linux-image-gke-5.0 5.0.0.1023.12 linux-image-lowlatency-hwe-18.04 5.0.0.32.89 linux-image-snapdragon-hwe-18.04 5.0.0.32.89 linux-image-virtual-hwe-18.04 5.0.0.32.89 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Bug Fix(es): * [Azure][8.1] Include patch "PCI: hv: Avoid use of hv_pci_dev->pci_slot after freeing it" (BZ#1764635) * block layer: update to v5.3 (BZ#1777766) * backport xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (BZ#1778692) * Backport important bugfixes from upstream post 5.3 (BZ#1778693) * LUN path recovery issue with Emulex LPe32002 HBA in RHEL 8.0 Server during storage side cable pull testing (BZ#1781108) * cifs tasks enter D state and error out with "CIFS VFS: SMB signature verification returned error = -5" (BZ#1781110) * Update CIFS to linux 5.3 (except RDMA and conflicts) (BZ#1781113) * RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781114) * blk-mq: overwirte performance drops on real MQ device (BZ#1782181) 4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2020:0653-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:0653 Issue date: 2020-03-03 CVE Names: CVE-2019-14816 CVE-2019-14895 CVE-2019-17133 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.3) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.3) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.3) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.3) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.3) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.3) - noarch, x86_64 3. Bug Fix(es): * RHEL7.5 - kernel crashed at xfs_reclaim_inodes_count+0x70/0xa0 (BZ#1795578) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Package List: Red Hat Enterprise Linux Server AUS (v. 7.3): Source: kernel-3.10.0-514.73.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-514.73.1.el7.noarch.rpm kernel-doc-3.10.0-514.73.1.el7.noarch.rpm x86_64: kernel-3.10.0-514.73.1.el7.x86_64.rpm kernel-debug-3.10.0-514.73.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-514.73.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.73.1.el7.x86_64.rpm kernel-devel-3.10.0-514.73.1.el7.x86_64.rpm kernel-headers-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-514.73.1.el7.x86_64.rpm perf-3.10.0-514.73.1.el7.x86_64.rpm perf-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm python-perf-3.10.0-514.73.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.3): Source: kernel-3.10.0-514.73.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-514.73.1.el7.noarch.rpm kernel-doc-3.10.0-514.73.1.el7.noarch.rpm ppc64le: kernel-3.10.0-514.73.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-514.73.1.el7.ppc64le.rpm kernel-debug-3.10.0-514.73.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-514.73.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-514.73.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-514.73.1.el7.ppc64le.rpm kernel-devel-3.10.0-514.73.1.el7.ppc64le.rpm kernel-headers-3.10.0-514.73.1.el7.ppc64le.rpm kernel-tools-3.10.0-514.73.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-514.73.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-514.73.1.el7.ppc64le.rpm perf-3.10.0-514.73.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-514.73.1.el7.ppc64le.rpm python-perf-3.10.0-514.73.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-514.73.1.el7.ppc64le.rpm x86_64: kernel-3.10.0-514.73.1.el7.x86_64.rpm kernel-debug-3.10.0-514.73.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-514.73.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.73.1.el7.x86_64.rpm kernel-devel-3.10.0-514.73.1.el7.x86_64.rpm kernel-headers-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-514.73.1.el7.x86_64.rpm perf-3.10.0-514.73.1.el7.x86_64.rpm perf-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm python-perf-3.10.0-514.73.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.3): Source: kernel-3.10.0-514.73.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-514.73.1.el7.noarch.rpm kernel-doc-3.10.0-514.73.1.el7.noarch.rpm x86_64: kernel-3.10.0-514.73.1.el7.x86_64.rpm kernel-debug-3.10.0-514.73.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-514.73.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.73.1.el7.x86_64.rpm kernel-devel-3.10.0-514.73.1.el7.x86_64.rpm kernel-headers-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-514.73.1.el7.x86_64.rpm perf-3.10.0-514.73.1.el7.x86_64.rpm perf-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm python-perf-3.10.0-514.73.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 7.3): x86_64: kernel-debug-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-514.73.1.el7.x86_64.rpm perf-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional E4S (v. 7.3): ppc64le: kernel-debug-debuginfo-3.10.0-514.73.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-514.73.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-514.73.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-514.73.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-514.73.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-514.73.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-514.73.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-514.73.1.el7.ppc64le.rpm x86_64: kernel-debug-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-514.73.1.el7.x86_64.rpm perf-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 7.3): x86_64: kernel-debug-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-514.73.1.el7.x86_64.rpm perf-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-514.73.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2019-14816 https://access.redhat.com/security/cve/CVE-2019-14895 https://access.redhat.com/security/cve/CVE-2019-17133 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXl4XNNzjgjWX9erEAQhJBQ/8CyjpUUDSLTHaCEJFYJjkjeW/gZrQihQo n+YWSdQeMHaRyVnBmZEcBrbXju8a+z0jFrGF4Ur+UhzFSZWZhHsVo5RQiXOIy8/t gytN5rJb4254w7RF5EjnyfLCX1fC8kNdlBZfujwUG+dQXwnjCTt6JpTfDhXSoVBS iVlrjWdvoyNUa2rzjr6B2pp7oglZWosWiXW5IpH+WG8dnIG9zuV9uVoOMaeEDvbk c0mEYi3RvRZ1VhrG6nPcmdPURsSlUUxRFdWTuteYaQ5KRflwuNVTLuqvzQYN8gei E14TW4xLQ6Vxzyo/ri56hL7HvtjRXQMYIIKlM0d3noDwCCR0Tem8WbZeAvijQKpl hvRXI3yZ9v0B+oHm9rxf3uKGTSOofe4+7Bz0X07aV4JUWdkgkCsFsKITXbqd8RN4 ZHld8Si0ozhogFjUzM7sUwERX4U5+gYulIB8VeRlXizJD8BWt50vdkY2KvMsQHXf gMn/FvUZXZvMLmVZLmkga+vsQ3zmxCoUI09IV+rZJfECak+tnHfjnFqg/5rG2+UU gK313MUCsiEmqzryGDiz9UQnAwOwhWTw5FGpXcfSl+i0XMi4bgg7sk5z5yS8bTvJ yANM4DSxkKqK9ALhlFQbKmOzfpD41Spnb137Bak+yHPLDZyK70CHkYJyMX1GD+7n 0FdO1ZoO0uc=rEim -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 8) - x86_64 3. Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Bug Fix(es): * kernel-rt: update RT source tree to the RHEL-8.1.z2 source tree (BZ#1780326) 4. 7.6) - ppc64, ppc64le, x86_64 3. Bug Fix(es): * [PATCH] perf: Fix a race between ring_buffer_detach() and ring_buffer_wakeup() (BZ#1772826) * core: backports from upstream (BZ#1780031) * Race between tty_open() and flush_to_ldisc() using the tty_struct->driver_data field. (BZ#1780160) * [Hyper-V][RHEL7.6]Hyper-V guest waiting indefinitely for RCU callback when removing a mem cgroup (BZ#1783176) Enhancement(s): * Selective backport: perf: Sync with upstream v4.16 (BZ#1782752) 4

Trust: 1.53

sources: NVD: CVE-2019-14816 // PACKETSTORM: 156058 // PACKETSTORM: 154951 // PACKETSTORM: 154933 // PACKETSTORM: 156202 // PACKETSTORM: 156602 // PACKETSTORM: 156190 // PACKETSTORM: 156608

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:ltversion:3.16.74

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:19.04

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:8.1

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.5

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:7.6

Trust: 1.0

vendor:netappmodel:a320scope:eqversion: -

Trust: 1.0

vendor:netappmodel:h300sscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:7.0

Trust: 1.0

vendor:netappmodel:service processorscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.2

Trust: 1.0

vendor:redhatmodel:enterprise linux compute node eusscope:eqversion:7.6

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:8.4

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.7

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.15

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.4.194

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:6.4

Trust: 1.0

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.9.194

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.19.75

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:7.6

Trust: 1.0

vendor:redhatmodel:enterprise linux for real time for nfvscope:eqversion:7

Trust: 1.0

vendor:netappmodel:c190scope:eqversion: -

Trust: 1.0

vendor:netappmodel:h300escope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:netappmodel:h700escope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.10

Trust: 1.0

vendor:netappmodel:a220scope:eqversion: -

Trust: 1.0

vendor:netappmodel:h500sscope:eqversion: -

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.0

Trust: 1.0

vendor:redhatmodel:enterprise linux for real timescope:eqversion:8

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.3

Trust: 1.0

vendor:netappmodel:fas2720scope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux for real time for nfv tusscope:eqversion:8.4

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:enterprise linux for power big endian eusscope:eqversion:7.6_ppc64

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:8.0

Trust: 1.0

vendor:redhatmodel:enterprise linux for real time tusscope:eqversion:8.4

Trust: 1.0

vendor:redhatmodel:enterprise linux for real time for nfvscope:eqversion:8

Trust: 1.0

vendor:redhatmodel:messaging realtime gridscope:eqversion:2.0

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.20

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:8.4

Trust: 1.0

vendor:redhatmodel:enterprise linux for real time for nfv tusscope:eqversion:8.2

Trust: 1.0

vendor:redhatmodel:enterprise linux serverscope:eqversion:7.6

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:3.6

Trust: 1.0

vendor:redhatmodel:virtualizationscope:eqversion:4.0

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:6.0

Trust: 1.0

vendor:redhatmodel:enterprise linux for real time tusscope:eqversion:8.2

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.6

Trust: 1.0

vendor:redhatmodel:virtualizationscope:eqversion:4.2

Trust: 1.0

vendor:netappmodel:data availability servicesscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:8.2

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:redhatmodel:enterprise linux tusscope:eqversion:7.7

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:29

Trust: 1.0

vendor:netappmodel:h500escope:eqversion: -

Trust: 1.0

vendor:netappmodel:solidfirescope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.3

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:5.2.17

Trust: 1.0

vendor:netappmodel:h410sscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux for real timescope:eqversion:7

Trust: 1.0

vendor:netappmodel:h610sscope:eqversion: -

Trust: 1.0

vendor:netappmodel:a800scope:eqversion: -

Trust: 1.0

vendor:fedoraprojectmodel:fedorascope:eqversion:30

Trust: 1.0

vendor:redhatmodel:enterprise linuxscope:eqversion:5.0

Trust: 1.0

vendor:netappmodel:hci management nodescope:eqversion: -

Trust: 1.0

vendor:netappmodel:a700sscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:8.4

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.14.146

Trust: 1.0

vendor:redhatmodel:enterprise linux eusscope:eqversion:8.2

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.6

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:8.2

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.1

Trust: 1.0

vendor:netappmodel:h700sscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:3.17

Trust: 1.0

vendor:netappmodel:fas2750scope:eqversion: -

Trust: 1.0

sources: NVD: CVE-2019-14816

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-14816
value: HIGH

Trust: 1.0

secalert@redhat.com: CVE-2019-14816
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-201908-2176
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2019-14816
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

nvd@nist.gov: CVE-2019-14816
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

secalert@redhat.com: CVE-2019-14816
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.0

Trust: 1.0

sources: CNNVD: CNNVD-201908-2176 // NVD: CVE-2019-14816 // NVD: CVE-2019-14816

PROBLEMTYPE DATA

problemtype:CWE-122

Trust: 1.0

problemtype:CWE-787

Trust: 1.0

sources: NVD: CVE-2019-14816

THREAT TYPE

local

Trust: 0.8

sources: PACKETSTORM: 154951 // PACKETSTORM: 154933 // CNNVD: CNNVD-201908-2176

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201908-2176

PATCH

title:Linux kernel Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=97659

Trust: 0.6

sources: CNNVD: CNNVD-201908-2176

EXTERNAL IDS

db:NVDid:CVE-2019-14816

Trust: 2.3

db:PACKETSTORMid:154951

Trust: 1.7

db:PACKETSTORMid:155212

Trust: 1.6

db:OPENWALLid:OSS-SECURITY/2019/08/28/1

Trust: 1.6

db:PACKETSTORMid:156608

Trust: 0.7

db:PACKETSTORMid:156216

Trust: 0.6

db:PACKETSTORMid:156020

Trust: 0.6

db:PACKETSTORMid:157140

Trust: 0.6

db:PACKETSTORMid:154897

Trust: 0.6

db:AUSCERTid:ESB-2020.0415

Trust: 0.6

db:AUSCERTid:ESB-2019.3817

Trust: 0.6

db:AUSCERTid:ESB-2020.1172

Trust: 0.6

db:AUSCERTid:ESB-2019.4252

Trust: 0.6

db:AUSCERTid:ESB-2019.3570

Trust: 0.6

db:AUSCERTid:ESB-2019.4346

Trust: 0.6

db:AUSCERTid:ESB-2020.0790

Trust: 0.6

db:AUSCERTid:ESB-2020.3064

Trust: 0.6

db:AUSCERTid:ESB-2020.0766

Trust: 0.6

db:AUSCERTid:ESB-2019.3897

Trust: 0.6

db:AUSCERTid:ESB-2019.3835

Trust: 0.6

db:AUSCERTid:ESB-2019.4346.2

Trust: 0.6

db:AUSCERTid:ESB-2020.1248

Trust: 0.6

db:CNNVDid:CNNVD-201908-2176

Trust: 0.6

db:PACKETSTORMid:156058

Trust: 0.1

db:PACKETSTORMid:154933

Trust: 0.1

db:PACKETSTORMid:156202

Trust: 0.1

db:PACKETSTORMid:156602

Trust: 0.1

db:PACKETSTORMid:156190

Trust: 0.1

sources: PACKETSTORM: 156058 // PACKETSTORM: 154951 // PACKETSTORM: 154933 // PACKETSTORM: 156202 // PACKETSTORM: 156602 // PACKETSTORM: 156190 // PACKETSTORM: 156608 // CNNVD: CNNVD-201908-2176 // NVD: CVE-2019-14816

REFERENCES

url:https://www.openwall.com/lists/oss-security/2019/08/28/1

Trust: 3.2

url:https://access.redhat.com/security/cve/cve-2019-14816

Trust: 2.7

url:https://access.redhat.com/errata/rhsa-2020:0339

Trust: 2.3

url:https://usn.ubuntu.com/4157-1/

Trust: 2.2

url:https://access.redhat.com/errata/rhsa-2020:0374

Trust: 2.2

url:https://access.redhat.com/errata/rhsa-2020:0204

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2020:0653

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2020:0328

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2020:0664

Trust: 1.7

url:https://usn.ubuntu.com/4163-2/

Trust: 1.6

url:https://usn.ubuntu.com/4162-1/

Trust: 1.6

url:http://packetstormsecurity.com/files/155212/slackware-security-advisory-slackware-14.2-kernel-updates.html

Trust: 1.6

url:http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html

Trust: 1.6

url:https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html

Trust: 1.6

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/o3rudqjxrjqvghcgr4yzwtq3ecbi7txh/

Trust: 1.6

url:https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html

Trust: 1.6

url:https://security.netapp.com/advisory/ntap-20191031-0005/

Trust: 1.6

url:https://access.redhat.com/errata/rhsa-2020:0661

Trust: 1.6

url:https://usn.ubuntu.com/4163-1/

Trust: 1.6

url:https://usn.ubuntu.com/4162-2/

Trust: 1.6

url:http://packetstormsecurity.com/files/154951/kernel-live-patch-security-notice-lsn-0058-1.html

Trust: 1.6

url:https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3

Trust: 1.6

url:https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-14816

Trust: 1.6

url:http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html

Trust: 1.6

url:https://seclists.org/bugtraq/2019/nov/11

Trust: 1.6

url:https://access.redhat.com/errata/rhsa-2020:0174

Trust: 1.6

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/t4jz6aeukfwbhqarogmqarj274pqp2qp/

Trust: 1.6

url:https://access.redhat.com/errata/rhsa-2020:0375

Trust: 1.6

url:https://usn.ubuntu.com/4157-2/

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2019-14816

Trust: 1.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=1744149

Trust: 0.6

url:https://access.redhat.com/errata/rhsa-2020:1353

Trust: 0.6

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/o3rudqjxrjqvghcgr4yzwtq3ecbi7txh/

Trust: 0.6

url:https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7caac62ed598a196d6ddf8d9c121e12e082cac3a

Trust: 0.6

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/t4jz6aeukfwbhqarogmqarj274pqp2qp/

Trust: 0.6

url:https://access.redhat.com/errata/rhsa-2020:1347

Trust: 0.6

url:https://access.redhat.com/errata/rhsa-2020:1266

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192984-1.html

Trust: 0.6

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00237.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192658-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192651-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192953-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192952-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192951-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192948-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192947-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192424-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192414-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192412-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192648-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/156608/red-hat-security-advisory-2020-0664-01.html

Trust: 0.6

url:https://vigilance.fr/vulnerability/linux-kernel-buffer-overflow-via-net-wireless-marvell-mwifiex-30180

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3570/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1248/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0766/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4346/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0415/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4252/

Trust: 0.6

url:https://packetstormsecurity.com/files/157140/red-hat-security-advisory-2020-1347-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3835/

Trust: 0.6

url:https://packetstormsecurity.com/files/156020/red-hat-security-advisory-2020-0174-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3817/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0790/

Trust: 0.6

url:https://packetstormsecurity.com/files/154897/ubuntu-security-notice-usn-4157-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/156216/red-hat-security-advisory-2020-0375-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1172/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.3897/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3064/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4346.2/

Trust: 0.6

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.5

url:https://access.redhat.com/articles/11258

Trust: 0.5

url:https://access.redhat.com/security/team/contact/

Trust: 0.5

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.5

url:https://bugzilla.redhat.com/):

Trust: 0.5

url:https://access.redhat.com/security/team/key/

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2019-14815

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-14814

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-14895

Trust: 0.4

url:https://access.redhat.com/security/cve/cve-2019-14895

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-14821

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2019-14901

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-14901

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-10126

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2018-20856

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-2181

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-19338

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-14815

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-14898

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-14898

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-14814

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-19338

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-17666

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17666

Trust: 0.2

url:https://access.redhat.com/security/cve/cve-2019-17133

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17133

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-5489

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-0154

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-0154

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-12207

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16884

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11135

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14821

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-0155

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-0155

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5489

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-9506

Trust: 0.1

url:https://access.redhat.com/security/vulnerabilities/ifu-page-mce

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-3900

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-12207

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-9506

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11135

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16884

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-3900

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-10126

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11478

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-10207

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14835

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11477

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-3846

Trust: 0.1

url:https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-10905

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-12614

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-21008

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14284

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14283

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-11833

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-2054

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-20976

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-0136

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-20961

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-15505

Trust: 0.1

url:https://usn.ubuntu.com/4157-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-32.34~18.04.2

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-15504

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-15902

Trust: 0.1

url:https://usn.ubuntu.com/4157-2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1023.24~18.04.1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-16714

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1021.21~18.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1023.23~18.04.2

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-20856

Trust: 0.1

sources: PACKETSTORM: 156058 // PACKETSTORM: 154951 // PACKETSTORM: 154933 // PACKETSTORM: 156202 // PACKETSTORM: 156602 // PACKETSTORM: 156190 // PACKETSTORM: 156608 // CNNVD: CNNVD-201908-2176 // NVD: CVE-2019-14816

CREDITS

Ubuntu,Red Hat

Trust: 0.6

sources: CNNVD: CNNVD-201908-2176

SOURCES

db:PACKETSTORMid:156058
db:PACKETSTORMid:154951
db:PACKETSTORMid:154933
db:PACKETSTORMid:156202
db:PACKETSTORMid:156602
db:PACKETSTORMid:156190
db:PACKETSTORMid:156608
db:CNNVDid:CNNVD-201908-2176
db:NVDid:CVE-2019-14816

LAST UPDATE DATE

2025-01-21T22:23:53.065000+00:00


SOURCES UPDATE DATE

db:CNNVDid:CNNVD-201908-2176date:2023-03-23T00:00:00
db:NVDid:CVE-2019-14816date:2024-11-21T04:27:25.253

SOURCES RELEASE DATE

db:PACKETSTORMid:156058date:2020-01-23T00:26:55
db:PACKETSTORMid:154951date:2019-10-23T18:32:10
db:PACKETSTORMid:154933date:2019-10-22T17:26:37
db:PACKETSTORMid:156202date:2020-02-04T14:59:17
db:PACKETSTORMid:156602date:2020-03-03T14:08:50
db:PACKETSTORMid:156190date:2020-02-04T14:42:51
db:PACKETSTORMid:156608date:2020-03-03T16:33:49
db:CNNVDid:CNNVD-201908-2176date:2019-08-28T00:00:00
db:NVDid:CVE-2019-14816date:2019-09-20T19:15:11.767