ID

VAR-201911-1627


CVE

CVE-2019-0155


TITLE

plural Intel Vulnerability related to privilege management in products

Trust: 0.8

sources: JVNDB: JVNDB-2019-012191

DESCRIPTION

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access. plural Intel The product contains a privilege management vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. A security vulnerability exists in the Intel graphics hardware (GPU) due to the program's inadequate access controls. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64 3. Bug Fix(es): * Backport TCP follow-up for small buffers (BZ#1739184) * TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170) * RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test (Marvell/Cavium/QLogic) (L3:) (BZ#1743548) * block: blk-mq improvement (BZ#1780567) * RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781111) * blk-mq: overwirte performance drops on real MQ device (BZ#1782183) * RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads to drain out system memory quickly. (BZ#1782705) 4. 7.3) - noarch, x86_64 3. Due to the high complexity of the fixes and the required microcode update, we are unable to livepatch this set of CVEs. Please plan to reboot into an updated kernel as soon as possible. The details of these CVEs follows: CVE-2018-12207 On an Ubuntu KVM host configured to use huge pages, a malicious KVM guest can cause a host machine check exception (MCE) capable of bringing down the host OS. CVE-2019-11135 On Intel processors with support for Transactional Synchronization Extensions (TSX), it is possible to exploit a transactional asynchronous abort (TAA) to perform a side-channel attack and leak kernel memory. Further details on the vulnerabilities and our response can be found here: https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/TAA_MCEPSC_i915 Again, due to the high complexity of the fixes and the required microcode update, we are unable to livepatch this set of CVEs. Please plan to reboot into an updated kernel as soon as possible. | Series | Version | Flavors | |------------------+-----------------------+--------------------------| | Ubuntu 18.04 LTS | 4.15.0-1054.55 | aws | | Ubuntu 16.04 LTS | 4.4.0-1098.102 | aws | | Ubuntu 18.04 LTS | 5.0.0-1025.27~18.04.1 | azure | | Ubuntu 16.04 LTS | 4.15.0-1063.66 | azure | | Ubuntu 18.04 LTS | 4.15.0-69.78 | generic lowlatency | | Ubuntu 16.04 LTS | 4.15.0-69.78~16.04.1 | generic lowlatency | | Ubuntu 14.04 LTS | 4.4.0-168.197~14.04.1 | generic lowlatency | | Ubuntu 18.04 LTS | 4.15.0-1063.72 | oem | | Ubuntu 16.04 LTS | 4.4.0-168.197 | generic lowlatency | Support Information: Kernels older than the levels listed above will no longer receive livepatch updates. References: CVE-2018-12207, CVE-2019-0154, CVE-2019-0155, CVE-2019-11135 -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.202/*: Upgraded. CRYPTO_CRC32C_INTEL m -> y +X86_INTEL_TSX_MODE_AUTO n +X86_INTEL_TSX_MODE_OFF y +X86_INTEL_TSX_MODE_ON n These updates fix various bugs and security issues, including mitigation for the TSX Asynchronous Abort condition on some CPUs. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: Fixed in 4.4.201: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0155 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0154 Fixed in 4.4.202: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11135 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.202-smp | bash For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.202 | bash Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 4.4.202-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 4.4.202 as the version. If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly prepared before rebooting. If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader. If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. CVE-2018-12207 It was discovered that on Intel CPUs supporting hardware virtualisation with Extended Page Tables (EPT), a guest VM may manipulate the memory management hardware to cause a Machine Check Error (MCE) and denial of service (hang or crash). The guest triggers this error by changing page tables without a TLB flush, so that both 4 KB and 2 MB entries for the same virtual address are loaded into the instruction TLB (iTLB). This update implements a mitigation in KVM that prevents guest VMs from loading 2 MB entries into the iTLB. This will reduce performance of guest VMs. A qemu update adding support for the PSCHANGE_MC_NO feature, which allows to disable iTLB Multihit mitigations in nested hypervisors will be provided via DSA 4566-1. CVE-2019-0154 Intel discovered that on their 8th and 9th generation GPUs, reading certain registers while the GPU is in a low-power state can cause a system hang. The affected chips (gen8 and gen9) are listed at <https://en.wikipedia.org/wiki/List_of_Intel_graphics_processing_units#Gen8>. The affected chips (gen9 onward) are listed at <https://en.wikipedia.org/wiki/List_of_Intel_graphics_processing_units#Gen9>. CVE-2019-11135 It was discovered that on Intel CPUs supporting transactional memory (TSX), a transaction that is going to be aborted may continue to execute speculatively, reading sensitive data from internal buffers and leaking it through dependent operations. Intel calls this "TSX Asynchronous Abort" (TAA). For CPUs affected by the previously published Microarchitectural Data Sampling (MDS) issues (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091), the existing mitigation also mitigates this issue. For processors that are vulnerable to TAA but not MDS, this update disables TSX by default. This mitigation requires updated CPU microcode. An updated intel-microcode package (only available in Debian non-free) will be provided via DSA 4565-1. The updated CPU microcode may also be available as part of a system firmware ("BIOS") update. For the oldstable distribution (stretch), these problems have been fixed in version 4.9.189-3+deb9u2. For the stable distribution (buster), these problems have been fixed in version 4.19.67-2+deb10u2. For the detailed security status of linux please refer to its security tracker page at: https://security-tracker.debian.org/tracker/linux Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl3LBMVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RtSg//aBsENrrs5mbCKYxt6Lm1hVdxdmz+9TbgZkxU+lQ0XEfge4wQUCa8KhJh os4qGuDXh5q/2VkNMa+cUCyHCyxxl3qv4rCsm+MxG1Rd4Hy4JoKt4heJgi5hXW9A qhOQ5+rHb0OeoPM9BCduTi37h+mLS4ItRz30n3+3B2+VC0tj+iV2nOZJmC0WMEiq LrqeDm39pa6DqKBAExdYT/TCyKLsngMHoIGorWVPXdJP1/xmrH2gU0W3L7k5KJPz apeCi4E3H9bjRh8Be5SeT3zDoEaiiNn/sHHkLDeAryFMuwilekxFaYocbW/0CEIH kWRMkC+uq1KfQfBDSxIOsH8yq8n+zQ12XJ0YiiqEKg6ErabWz5rCaVHyPWvdh0Ny mezs99PkQ7mUkjAUVzIfz2Rq6VByOCdfuT/GvPL7rUtIJYRdqYkWBI8t/hVlrnDq yR+X7vQZWm5wb3+Jiz/sA6TqgDvKSgk1+tUfBmqI9sh1wWNKSSYee0b81BLLubs3 IInPlgW2Lp+IsA3CVKKQNTNMWZkuNyPZH2UGpZV45otazcLPrrdNtt52x4gvIJ/W lizVpb2BOpTpoeEXNYlEDCjwcrW9f1FkVztwMgz3J6eb9pHjieFuGO9vOxcP7li3 FNJbGhaUUZa8BfjsQgBwFSwVXRr212zK9yv0UHnLRJo4l0I3xC0=YZWL -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-4186-3 November 13, 2019 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel Details: USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. This update addresses the issue. We apologize for the inconvenience. Original advisory details: Stephan van Schaik, Alyssa Milburn, Sebastian \xd6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135) It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155) Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207) It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154) Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098) It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-16746) Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052) Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053) Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054) Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055) Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056) Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666) Maddie Stone discovered that the Binder IPC Driver implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-2215) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: linux-image-4.4.0-169-generic 4.4.0-169.198 linux-image-4.4.0-169-generic-lpae 4.4.0-169.198 linux-image-4.4.0-169-lowlatency 4.4.0-169.198 linux-image-generic 4.4.0.169.177 linux-image-generic-lpae 4.4.0.169.177 linux-image-lowlatency 4.4.0.169.177 linux-image-virtual 4.4.0.169.177 Please note that mitigating the TSX (CVE-2019-11135) and i915 (CVE-2019-0154) issues requires corresponding microcode and graphics firmware updates respectively. After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://usn.ubuntu.com/4186-3 https://usn.ubuntu.com/4186-1 CVE-2019-0155, https://bugs.launchpad.net/bugs/1852141 Package Information: https://launchpad.net/ubuntu/+source/linux/4.4.0-169.198 . Description: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Also, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2019:3872-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3872 Issue date: 2019-11-13 CVE Names: CVE-2019-0155 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Security Fix(es): * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. 5. Bugs fixed (https://bugzilla.redhat.com/): 1724398 - CVE-2019-0155 hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-1062.4.3.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm perf-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-1062.4.3.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm perf-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-1062.4.3.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm ppc64: bpftool-3.10.0-1062.4.3.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-3.10.0-1062.4.3.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debug-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.4.3.el7.ppc64.rpm kernel-devel-3.10.0-1062.4.3.el7.ppc64.rpm kernel-headers-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.ppc64.rpm perf-3.10.0-1062.4.3.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm python-perf-3.10.0-1062.4.3.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm ppc64le: bpftool-3.10.0-1062.4.3.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debug-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-devel-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-headers-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.ppc64le.rpm perf-3.10.0-1062.4.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm python-perf-3.10.0-1062.4.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm s390x: bpftool-3.10.0-1062.4.3.el7.s390x.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm kernel-3.10.0-1062.4.3.el7.s390x.rpm kernel-debug-3.10.0-1062.4.3.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.s390x.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1062.4.3.el7.s390x.rpm kernel-devel-3.10.0-1062.4.3.el7.s390x.rpm kernel-headers-3.10.0-1062.4.3.el7.s390x.rpm kernel-kdump-3.10.0-1062.4.3.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm kernel-kdump-devel-3.10.0-1062.4.3.el7.s390x.rpm perf-3.10.0-1062.4.3.el7.s390x.rpm perf-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm python-perf-3.10.0-1062.4.3.el7.s390x.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.s390x.rpm x86_64: bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm perf-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bpftool-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.ppc64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.ppc64.rpm ppc64le: bpftool-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.ppc64le.rpm perf-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.ppc64le.rpm x86_64: bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-1062.4.3.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1062.4.3.el7.noarch.rpm kernel-doc-3.10.0-1062.4.3.el7.noarch.rpm x86_64: bpftool-3.10.0-1062.4.3.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-devel-3.10.0-1062.4.3.el7.x86_64.rpm kernel-headers-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-3.10.0-1062.4.3.el7.x86_64.rpm perf-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1062.4.3.el7.x86_64.rpm perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1062.4.3.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXcxRUNzjgjWX9erEAQi5Yg//WF/xcoOzOw9jzwdqE1SsG5n/lwSjyQS2 PFTfDJL21oGdbx0x1Z3j/RlNz5JHYQ6WVf3OQYkjet71edQrVRMy2/uJGtmHUIng dyBqZA6JBUkYxm/OqgxV+F5oH/px01dnIdKLus2Qb7p6CPJegTVz0++6U0MIUlPs d0Q08EqmBvSqznpsOA0DeQkt+Lxp29CqzkTv3f+aFdrRBoUYJkMRS3JPG0NBBo14 ZWMv1ifhikR5SRPDGYyeXaIhn/KrOJDMAkYeMhikV5YEnSdyYqePgVuE51GJjvmz 3X6zgvOWe6+XAH4jy+llCEDwpwLRbbDB6wY1llZzECEdT+Dpr0lg3cFDjVrv3y+6 w812DuXMwX/MbSSK1Vn+KHkpm2z/OM8zQw0fdpXTSd1sbuYjmlqnjlHibhiB9Xl3 sxUJ5cr91KdYAMFAV4n7n3KeAME0H+3dj8ukxEfAe4culu1hrO4SDYXmBx+QhijJ Yt/Io/sNU6Qybni7rc/lmwgRpKA/0ajLeDznnuhrCXcM5twfnRudbOYfQ6YZh2+Y WxiVuuNUN5BJAInozVWGv+B9AxX3MBorEGBVyQlX9nVrlymFPFzsNxr9UEbWpQo5 rFBST2oBfHpCrdbOL2/DRdIpd4IXCfpk0C35cOoyfZvYg2JDY2fhGvsOvUZDSqED B2RjnqNVpjA= =BPLV -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . (CVE-2019-15792) Jann Horn discovered that the shiftfs implementation in the Linux kernel did not use the correct file system uid/gid when the user namespace of a lower file system is not in the init user namespace

Trust: 2.7

sources: NVD: CVE-2019-0155 // JVNDB: JVNDB-2019-012191 // VULHUB: VHN-140186 // PACKETSTORM: 156058 // PACKETSTORM: 155338 // PACKETSTORM: 155318 // PACKETSTORM: 155375 // PACKETSTORM: 155303 // PACKETSTORM: 155280 // PACKETSTORM: 155335 // PACKETSTORM: 155346 // PACKETSTORM: 155333 // PACKETSTORM: 155329 // PACKETSTORM: 155332

AFFECTED PRODUCTS

vendor:intelmodel:core i3-10110yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-7167uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-6100scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-5010uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2226gescope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-9100tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium g4560tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6820hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-5257uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m5-6y57scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7260uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8300hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7500tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-6500scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8559uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m3-8100yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:atom x5-e3940scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2186gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium a1020scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j1850scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-1035g4scope:eqversion: -

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:5.3.11

Trust: 1.0

vendor:intelmodel:core i9-7960xscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-1035g7scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium gold g5400tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g4950scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g3930scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7800xscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-9900tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:atom x5-e3930scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m5-6y54scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g3930escope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7567uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2224scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j3060scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10510uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium d1517scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium gold g5500tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-9350kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2278gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-5557uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2254mlscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-6360uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium gold g4600scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2288gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8400tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n4100scope:eqversion: -

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:4.9.201

Trust: 1.0

vendor:intelmodel:core i5-8500tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g4930scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2820scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2840scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5\+8400scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium 4405uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8500yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium gold g5420tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2176gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-7920xscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10310yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7267uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:4.4.201

Trust: 1.0

vendor:intelmodel:xeon e-2144gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7440hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2276mescope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8809gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8400bscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8750hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7\+8700scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g3930tescope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6700scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6920hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2174gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-9600scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10710uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium d1507scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium gold g5500scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-7300tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1505m v5scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-6287uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6770hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j4005scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-8100scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7y75scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10920xscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3060scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2807scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2808scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium 3825uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-9300hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8700tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-5500uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3450scope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server ausscope:eqversion:7.2

Trust: 1.0

vendor:intelmodel:core i7-8700scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-7320scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m-5y10ascope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium d1508scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2226gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8350uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1558l v5scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium d1509scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m7-6y75scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-5650uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:4.19.84

Trust: 1.0

vendor:intelmodel:core i9-9900scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-9700scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-10510yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1501m v6scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6567uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-5300uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8705gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2930scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8500scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8709gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium gold 4415uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j1800scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6600uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2920scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium silver n5000scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j3455scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-5700hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-6167uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-8100tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1501l v6scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8400scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7700kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7600kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j1750scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7400scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-6100hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7y57scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium g4400scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2244gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g3900tescope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2136scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8365uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2286mscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g4920scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-9700tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10210yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2146gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7500uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-9940xscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2254mescope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2815scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7560uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n4020scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2276gscope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:intelmodel:pentium gold g5400scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6560uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-9750hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-9500scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2124gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5\+8500scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium silver j5040scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-9100scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g3902escope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8250uscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server tusscope:eqversion:7.2

Trust: 1.0

vendor:intelmodel:pentium silver j5005scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6500uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-6100uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-9600tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium 3560mscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-8300scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium gold g5420scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-5157uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1578l v5scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-9300scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2134scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3150scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-7100hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6820hkscope:eqversion: -

Trust: 1.0

vendor:intelmodel:atom x7-e3950scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-8300tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2940scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3000scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m-5y71scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-8350kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1505m v6scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-9900xscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8700bscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1535m v5scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-5350uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-7980xescope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-6350hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m-5y10scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g4900tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-9300tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7600uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-10210uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2246gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium 4405yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8565uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium g4600tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-7900xscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-5775cscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m-5y70scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6870hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-9900ksscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-5020uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7820hkscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8665uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8600scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-9900kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2234scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-6260uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2830scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7287uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1535m v6scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3350scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-7100uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-9500tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-5950hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6700tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-5200uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-7350kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-5550uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g4900scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium n3530scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium 3805uscope:eqversion: -

Trust: 1.0

vendor:redhatmodel:enterprise linux server eusscope:eqversion:7.5

Trust: 1.0

vendor:intelmodel:core i3-1005g1scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g3900escope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-9850hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-9920xscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium gold 4410yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j3355scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2126gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-8145uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j4105scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1585 v5scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2276mlscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-8950hkscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7300hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-1035g1scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-5600uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1575m v5scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n4120scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3160scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-5287uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6700hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7700scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2278gelscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium gold g5600scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2124scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1505l v5scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2805scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8259uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j4125scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8700kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2276mscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium j3710scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-9130uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-7300scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-7100tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8086kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-9980xescope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2910scope:eqversion: -

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:26.20.100.6813

Trust: 1.0

vendor:intelmodel:core i5-9400hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7600tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8550uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6970hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-8109uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium silver n5030scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6700tescope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1545m v5scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-10110uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g3930tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2224gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1585l v5scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j4025scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3350escope:eqversion: -

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:15.45.5077

Trust: 1.0

vendor:intelmodel:core i9-9960xscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m-5y31scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7820hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g3900tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7920hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2286gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-1065g7scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g4932escope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8600kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3010scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-9980hkscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m3-6y30scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7700hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium gold g5620scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium d1519scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m3-7y30scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g3950scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2278gescope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-9880hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium n3540scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-7100scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8269uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-6300hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-6200uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8400hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium gold 4415yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6660uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10900xscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n4000scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-5350hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2810scope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium j4205scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2176mscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7700tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-6300uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m-5y10cscope:eqversion: -

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:4.14.154

Trust: 1.0

vendor:intelmodel:pentium gold g4560scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-6440hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g4930escope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1565l v5scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-9400scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7200uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g4930tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7820xscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10980xescope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7360uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8305gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8600tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8850hscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n3050scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1515m v5scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j1900scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7500scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-6650uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core m-5y51scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-6267uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-5015uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-5250uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8500bscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g3920scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-9600kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7300uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-7940xscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-9320scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-9400tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7400tscope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron g3900scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7600scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i3-5005uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8650uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-7660uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-5750hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2186mscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-9700kscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8265uscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-8706gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2274gscope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e3-1505l v6scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron n2806scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j3160scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-8200yscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i7-5850hqscope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i5-7y54scope:eqversion: -

Trust: 1.0

vendor:intelmodel:celeron j3355escope:eqversion: -

Trust: 1.0

vendor:intelmodel:pentium gold g4620scope:eqversion: -

Trust: 1.0

vendor:intelmodel:xeon e-2236scope:eqversion: -

Trust: 1.0

vendor:intelmodel:core i9-10900xscope: - version: -

Trust: 0.8

vendor:intelmodel:core i9-10920xscope: - version: -

Trust: 0.8

vendor:intelmodel:core i9-10980xescope: - version: -

Trust: 0.8

vendor:intelmodel:core i9-7960xscope: - version: -

Trust: 0.8

vendor:intelmodel:core i9-9900xscope: - version: -

Trust: 0.8

vendor:intelmodel:core i9-9920xscope: - version: -

Trust: 0.8

vendor:intelmodel:core i9-9940xscope: - version: -

Trust: 0.8

vendor:intelmodel:core i9-9960xscope: - version: -

Trust: 0.8

vendor:intelmodel:core i9-9980xscope: - version: -

Trust: 0.8

vendor:intelmodel:graphics driverscope: - version: -

Trust: 0.8

vendor:red hatmodel:enterprise linux serverscope:eqversion:aus

Trust: 0.8

vendor:red hatmodel:enterprise linux serverscope:eqversion:eus

Trust: 0.8

vendor:red hatmodel:enterprise linux serverscope:eqversion:tus

Trust: 0.8

sources: JVNDB: JVNDB-2019-012191 // NVD: CVE-2019-0155

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-0155
value: HIGH

Trust: 1.0

NVD: CVE-2019-0155
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201911-604
value: HIGH

Trust: 0.6

VULHUB: VHN-140186
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-0155
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-140186
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-0155
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-0155
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-140186 // JVNDB: JVNDB-2019-012191 // CNNVD: CNNVD-201911-604 // NVD: CVE-2019-0155

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-269

Trust: 0.9

sources: VULHUB: VHN-140186 // JVNDB: JVNDB-2019-012191 // NVD: CVE-2019-0155

THREAT TYPE

local

Trust: 0.7

sources: PACKETSTORM: 155303 // CNNVD: CNNVD-201911-604

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201911-604

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-012191

PATCH

title:INTEL-SA-00242url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Trust: 0.8

title:RHSA-2019:3841url:https://access.redhat.com/errata/RHSA-2019:3841

Trust: 0.8

title:RHSA-2019:3887url:https://access.redhat.com/errata/RHSA-2019:3887

Trust: 0.8

title:RHSA-2019:3908url:https://access.redhat.com/errata/RHSA-2019:3908

Trust: 0.8

title:RHSA-2019:3889url:https://access.redhat.com/errata/RHSA-2019:3889

Trust: 0.8

title:Multiple Intel Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=102909

Trust: 0.6

sources: JVNDB: JVNDB-2019-012191 // CNNVD: CNNVD-201911-604

EXTERNAL IDS

db:NVDid:CVE-2019-0155

Trust: 3.6

db:PACKETSTORMid:155375

Trust: 1.8

db:JVNid:JVNVU90354904

Trust: 0.8

db:JVNDBid:JVNDB-2019-012191

Trust: 0.8

db:PACKETSTORMid:155347

Trust: 0.7

db:PACKETSTORMid:155402

Trust: 0.7

db:CNNVDid:CNNVD-201911-604

Trust: 0.7

db:PACKETSTORMid:156058

Trust: 0.7

db:PACKETSTORMid:155338

Trust: 0.7

db:PACKETSTORMid:155318

Trust: 0.7

db:PACKETSTORMid:155280

Trust: 0.7

db:AUSCERTid:ESB-2019.4385

Trust: 0.6

db:AUSCERTid:ESB-2019.4333

Trust: 0.6

db:AUSCERTid:ESB-2019.4676

Trust: 0.6

db:AUSCERTid:ESB-2019.4346.2

Trust: 0.6

db:AUSCERTid:ESB-2019.4286

Trust: 0.6

db:AUSCERTid:ESB-2020.0141

Trust: 0.6

db:AUSCERTid:ESB-2019.4346

Trust: 0.6

db:AUSCERTid:ESB-2019.4584

Trust: 0.6

db:AUSCERTid:ESB-2019.4252

Trust: 0.6

db:AUSCERTid:ESB-2020.3064

Trust: 0.6

db:AUSCERTid:ESB-2020.0262

Trust: 0.6

db:LENOVOid:LEN-28235

Trust: 0.6

db:PACKETSTORMid:155329

Trust: 0.2

db:PACKETSTORMid:155346

Trust: 0.2

db:PACKETSTORMid:155316

Trust: 0.1

db:PACKETSTORMid:155326

Trust: 0.1

db:PACKETSTORMid:155317

Trust: 0.1

db:PACKETSTORMid:155334

Trust: 0.1

db:PACKETSTORMid:155330

Trust: 0.1

db:VULHUBid:VHN-140186

Trust: 0.1

db:PACKETSTORMid:155303

Trust: 0.1

db:PACKETSTORMid:155335

Trust: 0.1

db:PACKETSTORMid:155333

Trust: 0.1

db:PACKETSTORMid:155332

Trust: 0.1

sources: VULHUB: VHN-140186 // JVNDB: JVNDB-2019-012191 // PACKETSTORM: 156058 // PACKETSTORM: 155338 // PACKETSTORM: 155318 // PACKETSTORM: 155375 // PACKETSTORM: 155303 // PACKETSTORM: 155280 // PACKETSTORM: 155335 // PACKETSTORM: 155346 // PACKETSTORM: 155333 // PACKETSTORM: 155329 // PACKETSTORM: 155332 // CNNVD: CNNVD-201911-604 // NVD: CVE-2019-0155

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2019-0155

Trust: 2.5

url:https://access.redhat.com/errata/rhsa-2020:0204

Trust: 2.4

url:http://packetstormsecurity.com/files/155375/slackware-security-advisory-slackware-14.2-kernel-updates.html

Trust: 2.3

url:https://access.redhat.com/errata/rhsa-2019:3908

Trust: 2.3

url:https://access.redhat.com/errata/rhsa-2019:3887

Trust: 1.8

url:https://seclists.org/bugtraq/2019/nov/26

Trust: 1.7

url:https://security.netapp.com/advisory/ntap-20200320-0005/

Trust: 1.7

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2019:3841

Trust: 1.7

url:https://access.redhat.com/errata/rhsa-2019:3889

Trust: 1.7

url:https://usn.ubuntu.com/4186-2/

Trust: 1.7

url:https://access.redhat.com/security/cve/cve-2019-0155

Trust: 1.0

url:https://support.f5.com/csp/article/k73659122?utm_source=f5support&amp%3butm_medium=rss

Trust: 1.0

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0155

Trust: 0.9

url:https://jvn.jp/vu/jvnvu90354904/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-0154

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-11135

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-12207

Trust: 0.7

url:https://support.f5.com/csp/article/k73659122?utm_source=f5support&utm_medium=rss

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20193294-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20193295-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192984-1.html

Trust: 0.6

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00237.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20193200-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192953-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192952-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192951-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192948-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192947-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2020/suse-su-20200093-1.html

Trust: 0.6

url:https://www.debian.org/security/2019/dsa-4564

Trust: 0.6

url:https://packetstormsecurity.com/files/155338/red-hat-security-advisory-2019-3883-01.html

Trust: 0.6

url:https://vigilance.fr/vulnerability/intel-graphic-driver-denial-of-service-via-userspace-write-on-blitter-command-streamer-30845

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4676/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4346/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4333/

Trust: 0.6

url:https://packetstormsecurity.com/files/155280/debian-security-advisory-4564-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4252/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4584/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4286/

Trust: 0.6

url:https://packetstormsecurity.com/files/155347/red-hat-security-advisory-2019-3889-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/155402/red-hat-security-advisory-2019-3908-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4385/

Trust: 0.6

url:https://packetstormsecurity.com/files/155318/kernel-live-patch-security-notice-lsn-0059-1.html

Trust: 0.6

url:https://support.lenovo.com/us/en/product_security/len-28235

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0141/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0262/

Trust: 0.6

url:https://packetstormsecurity.com/files/156058/red-hat-security-advisory-2020-0204-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.3064/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4346.2/

Trust: 0.6

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.4

url:https://access.redhat.com/articles/11258

Trust: 0.4

url:https://access.redhat.com/security/team/contact/

Trust: 0.4

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.4

url:https://bugzilla.redhat.com/):

Trust: 0.4

url:https://access.redhat.com/security/team/key/

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2019-17666

Trust: 0.4

url:https://access.redhat.com/solutions/i915-graphics

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-16746

Trust: 0.3

url:https://bugs.launchpad.net/bugs/1852141

Trust: 0.3

url:https://wiki.ubuntu.com/securityteam/knowledgebase/taa_mcepsc_i915

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-15792

Trust: 0.2

url:https://usn.ubuntu.com/4183-1

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-15791

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-15793

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17054

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17055

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-15098

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17056

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17053

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17052

Trust: 0.2

url:https://support.f5.com/csp/article/k73659122?utm_source=f5support&amp;amp;utm_medium=rss

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-5489

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-0154

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-16884

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-11135

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14821

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14821

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14901

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-5489

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14816

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14901

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-10126

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-9506

Trust: 0.1

url:https://access.redhat.com/security/vulnerabilities/ifu-page-mce

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-3900

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2018-12207

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-9506

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-14816

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-16884

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-3900

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-10126

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2019:3883

Trust: 0.1

url:https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0154

Trust: 0.1

url:http://slackware.com

Trust: 0.1

url:http://osuosl.org)

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11135

Trust: 0.1

url:http://slackware.com/gpg-key

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/5.3.0-1007.8

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/5.3.0-1008.9

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle/5.3.0-1006.7

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/5.3.0-1007.8

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/5.3.0-1007.8

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/5.3.0-22.24

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi2/5.3.0-1012.14

Trust: 0.1

url:https://software.intel.com/security-software-guidance/insights/deep-dive-machine-check-error-avoidance-page-size-change-0>.

Trust: 0.1

url:https://en.wikipedia.org/wiki/list_of_intel_graphics_processing_units#gen8>.

Trust: 0.1

url:https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/tsx_async_abort.html>

Trust: 0.1

url:https://en.wikipedia.org/wiki/list_of_intel_graphics_processing_units#gen9>.

Trust: 0.1

url:https://www.debian.org/security/faq

Trust: 0.1

url:https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/multihit.html>

Trust: 0.1

url:https://security-tracker.debian.org/tracker/linux

Trust: 0.1

url:https://www.debian.org/security/

Trust: 0.1

url:https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort>.

Trust: 0.1

url:https://usn.ubuntu.com/4186-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/4.4.0-169.198

Trust: 0.1

url:https://usn.ubuntu.com/4186-3

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-2215

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oem/4.15.0-1064.73

Trust: 0.1

url:https://usn.ubuntu.com/4185-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/4.15.0-70.79

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-70.79~16.04.1

Trust: 0.1

url:https://bugs.launchpad.net/bugs/1851709,

Trust: 0.1

url:https://usn.ubuntu.com/4185-3

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2019:3872

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/5.3.0-23.25

Trust: 0.1

url:https://usn.ubuntu.com/4183-2

Trust: 0.1

sources: VULHUB: VHN-140186 // JVNDB: JVNDB-2019-012191 // PACKETSTORM: 156058 // PACKETSTORM: 155338 // PACKETSTORM: 155318 // PACKETSTORM: 155375 // PACKETSTORM: 155303 // PACKETSTORM: 155280 // PACKETSTORM: 155335 // PACKETSTORM: 155346 // PACKETSTORM: 155333 // PACKETSTORM: 155329 // PACKETSTORM: 155332 // CNNVD: CNNVD-201911-604 // NVD: CVE-2019-0155

CREDITS

Debian,Red Hat,Slackware Security Team,Benjamin M. Romer

Trust: 0.6

sources: CNNVD: CNNVD-201911-604

SOURCES

db:VULHUBid:VHN-140186
db:JVNDBid:JVNDB-2019-012191
db:PACKETSTORMid:156058
db:PACKETSTORMid:155338
db:PACKETSTORMid:155318
db:PACKETSTORMid:155375
db:PACKETSTORMid:155303
db:PACKETSTORMid:155280
db:PACKETSTORMid:155335
db:PACKETSTORMid:155346
db:PACKETSTORMid:155333
db:PACKETSTORMid:155329
db:PACKETSTORMid:155332
db:CNNVDid:CNNVD-201911-604
db:NVDid:CVE-2019-0155

LAST UPDATE DATE

2024-12-23T20:18:28.647000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-140186date:2020-01-30T00:00:00
db:JVNDBid:JVNDB-2019-012191date:2019-11-27T00:00:00
db:CNNVDid:CNNVD-201911-604date:2022-04-24T00:00:00
db:NVDid:CVE-2019-0155date:2024-11-21T04:16:21.713

SOURCES RELEASE DATE

db:VULHUBid:VHN-140186date:2019-11-14T00:00:00
db:JVNDBid:JVNDB-2019-012191date:2019-11-27T00:00:00
db:PACKETSTORMid:156058date:2020-01-23T00:26:55
db:PACKETSTORMid:155338date:2019-11-14T15:56:37
db:PACKETSTORMid:155318date:2019-11-13T17:20:10
db:PACKETSTORMid:155375date:2019-11-18T15:22:09
db:PACKETSTORMid:155303date:2019-11-13T17:15:23
db:PACKETSTORMid:155280date:2019-11-12T21:45:25
db:PACKETSTORMid:155335date:2019-11-14T15:56:10
db:PACKETSTORMid:155346date:2019-11-15T16:13:27
db:PACKETSTORMid:155333date:2019-11-14T15:55:24
db:PACKETSTORMid:155329date:2019-11-14T15:53:36
db:PACKETSTORMid:155332date:2019-11-14T15:55:18
db:CNNVDid:CNNVD-201911-604date:2019-11-12T00:00:00
db:NVDid:CVE-2019-0155date:2019-11-14T19:15:12.877