Executive Summary



This alert is flagged as a TOP 25 Common Weakness Enumeration entry from CWE/SANS.
Information
Name: CVE-2019-14835
First vendor Publication: 2019-09-17
Vendor: Cve
Last vendor Modification: 2019-09-19

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score: 7.2
Cvss Impact Score: 10
Cvss Exploit Score: 3.9
Attack Range: Local
Attack Complexity: Low
Authentication: None Required

Detail

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way the Linux kernel's vhost functionality, which translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host while migration is underway could use this flaw to increase their privileges on the host.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14835

CWE : Common Weakness Enumeration

% | id | Name
100 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Type | Description | Count
Os | | 2
Os | | 1910
Os | | 3
Os | | 1

Sources (Detail)

Source | Url
BUGTRAQ https://seclists.org/bugtraq/2019/Sep/41
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
DEBIAN https://www.debian.org/security/2019/dsa-4531
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
MISC http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice...
https://www.openwall.com/lists/oss-security/2019/09/17/1
MLIST http://www.openwall.com/lists/oss-security/2019/09/24/1
http://www.openwall.com/lists/oss-security/2019/10/03/1
http://www.openwall.com/lists/oss-security/2019/10/09/3
http://www.openwall.com/lists/oss-security/2019/10/09/7
https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html
REDHAT https://access.redhat.com/errata/RHBA-2019:2824
https://access.redhat.com/errata/RHSA-2019:2827
https://access.redhat.com/errata/RHSA-2019:2828
https://access.redhat.com/errata/RHSA-2019:2829
https://access.redhat.com/errata/RHSA-2019:2830
https://access.redhat.com/errata/RHSA-2019:2854
https://access.redhat.com/errata/RHSA-2019:2862
https://access.redhat.com/errata/RHSA-2019:2863
https://access.redhat.com/errata/RHSA-2019:2864
https://access.redhat.com/errata/RHSA-2019:2865
https://access.redhat.com/errata/RHSA-2019:2866
https://access.redhat.com/errata/RHSA-2019:2867
https://access.redhat.com/errata/RHSA-2019:2869
https://access.redhat.com/errata/RHSA-2019:2889
https://access.redhat.com/errata/RHSA-2019:2899
https://access.redhat.com/errata/RHSA-2019:2900
https://access.redhat.com/errata/RHSA-2019:2901
https://access.redhat.com/errata/RHSA-2019:2924
SUSE http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html
UBUNTU https://usn.ubuntu.com/4135-1/
https://usn.ubuntu.com/4135-2/

Alert History

Date | Information
2019-10-11 12:08:03
  • Multiple Updates
2019-10-10 12:11:17
  • Multiple Updates
2019-10-04 12:11:04
  • Multiple Updates
2019-10-02 12:01:33
  • Multiple Updates
2019-10-01 01:09:44
  • Multiple Updates
2019-09-27 21:19:52
  • Multiple Updates
2019-09-25 21:19:44
  • Multiple Updates
2019-09-25 17:19:38
  • Multiple Updates
2019-09-25 09:19:46
  • Multiple Updates
2019-09-25 01:11:27
  • Multiple Updates
2019-09-25 01:10:47
  • Multiple Updates
2019-09-24 21:19:23
  • Multiple Updates
2019-09-24 17:19:23
  • Multiple Updates
2019-09-24 05:19:06
  • Multiple Updates
2019-09-24 01:11:12
  • Multiple Updates
2019-09-24 01:10:35
  • Multiple Updates
2019-09-23 21:19:53
  • Multiple Updates
2019-09-23 17:21:00
  • Multiple Updates
2019-09-22 05:19:27
  • Multiple Updates
2019-09-20 17:19:25
  • Multiple Updates
2019-09-20 13:19:37
  • Multiple Updates
2019-09-19 09:19:20
  • Multiple Updates
2019-09-19 00:19:20
  • Multiple Updates
2019-09-18 17:19:21
  • Multiple Updates
2019-09-17 21:19:30
  • First insertion