Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title kernel-rt security and bug fix update
Informations
Name RHSA-2019:2043 First vendor Publication 2019-08-06
Vendor RedHat Last vendor Modification 2019-08-06
Severity (Vendor) N/A Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux for Real Time (v. 7) - noarch, x86_64 Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)

* Kernel: page cache side channel attacks (CVE-2019-5489)

* kernel: Buffer overflow in hidp_process_report (CVE-2018-9363)

* kernel: l2tp: Race condition between pppol2tp_session_create() and l2tp_eth_create() (CVE-2018-9517)

* kernel: kvm: guest userspace to guest kernel write (CVE-2018-10853)

* kernel: use-after-free Read in vhost_transport_send_pkt (CVE-2018-14625)

* kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c (CVE-2018-14734)

* kernel: Mishandling of indirect calls weakens Spectre mitigation for paravirtual guests (CVE-2018-15594)

* kernel: TLB flush happens too late on mremap (CVE-2018-18281)

* kernel: Heap address information leak while using L2CAP_GET_CONF_OPT (CVE-2019-3459)

* kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP (CVE-2019-3460)

* kernel: denial of service vector through vfio DMA mappings (CVE-2019-3882)

* kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (CVE-2019-11599)

* kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810)

* kernel: fs/ext4/extents.c leads to information disclosure (CVE-2019-11833)

* kernel: Information exposure in fd_locked_ioctl function in drivers/block/floppy.c (CVE-2018-7755)

* kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service (CVE-2018-8087)

* kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c (CVE-2018-9516)

* kernel: Integer overflow in the alarm_timer_nsleep function (CVE-2018-13053)

* kernel: NULL pointer dereference in lookup_slow function (CVE-2018-13093)

* kernel: NULL pointer dereference in xfs_da_shrink_inode function (CVE-2018-13094)

* kernel: NULL pointer dereference in fs/xfs/libxfs/xfs_inode_buf.c (CVE-2018-13095)

* kernel: Information leak in cdrom_ioctl_drive_status (CVE-2018-16658)

* kernel: out-of-bound read in memcpy_fromiovecend() (CVE-2018-16885)

* Kernel: KVM: leak of uninitialized stack contents to guest (CVE-2019-7222)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1553216 - CVE-2018-7755 kernel: Information exposure in fd_locked_ioctl function in drivers/block/floppy.c 1555145 - CVE-2018-8087 kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service 1573916 - kernel-rt-kvm multiversion 1589890 - CVE-2018-10853 kernel: kvm: guest userspace to guest kernel write 1593361 - Update kernel-rt timer wheel code 1597747 - CVE-2018-13053 kernel: Integer overflow in the alarm_timer_nsleep function 1597766 - CVE-2018-13093 kernel: NULL pointer dereference in lookup_slow function 1597771 - CVE-2018-13094 kernel: NULL pointer dereference in xfs_da_shrink_inode function 1597775 - CVE-2018-13095 kernel: NULL pointer dereference in fs/xfs/libxfs/xfs_inode_buf.c 1611005 - CVE-2018-14734 kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c 1619846 - CVE-2018-14625 kernel: use-after-free Read in vhost_transport_send_pkt 1620555 - CVE-2018-15594 kernel: Mishandling of indirect calls weakens Spectre mitigation for paravirtual guests 1623067 - CVE-2018-9363 kernel: Buffer overflow in hidp_process_report 1627731 - CVE-2018-16658 kernel: Information leak in cdrom_ioctl_drive_status 1631036 - CVE-2018-9516 kernel: HID: debug: Buffer overflow in hid_debug_events_read() in drivers/hid/hid-debug.c 1631045 - CVE-2018-9517 kernel: l2tp: Race condition between pppol2tp_session_create() and l2tp_eth_create() 1642619 - RT: update kernel-rt source tree to match RHEL 7.7 tree 1645121 - CVE-2018-18281 kernel: TLB flush happens too late on mremap 1661503 - CVE-2018-16885 kernel: out-of-bound read in memcpy_fromiovecend() 1663176 - CVE-2019-3459 kernel: Heap address information leak while using L2CAP_GET_CONF_OPT 1663179 - CVE-2019-3460 kernel: Heap address information leak while using L2CAP_PARSE_CONF_RSP 1664110 - CVE-2019-5489 Kernel: page cache side channel attacks 1664380 - BUG: scheduling while atomic: kworker/1:1/24117/0x00000002 1665278 - hrtimers: WARNING: CPU: 8 PID: 79 at kernel/hrtimer.c:1506 run_hrtimer_softirq+0x264/0x270 1671126 - NMI watchdog ineffective due to mismerge 1671930 - CVE-2019-7222 Kernel: KVM: leak of uninitialized stack contents to guest 1684745 - VM hangs on RHEL rt-kernel and OSP 13 1689426 - CVE-2019-3882 kernel: denial of service vector through vfio DMA mappings 1698757 - CVE-2019-3900 Kernel: vhost_net: infinite loop while receiving packets leads to DoS 1705937 - CVE-2019-11599 kernel: fix race condition between mmget_not_zero()/get_task_mm() and core dumping 1709164 - CVE-2019-11810 kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS 1712072 - CVE-2019-11833 kernel: fs/ext4/extents.c leads to information disclosure 1717212 - KVM tracebacks causing significant latency to VM

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2019-2043.html

CWE : Common Weakness Enumeration

% Id Name
17 % CWE-416 Use After Free
12 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)
12 % CWE-476 NULL Pointer Dereference
12 % CWE-200 Information Exposure
8 % CWE-190 Integer Overflow or Wraparound (CWE/SANS Top 25)
8 % CWE-125 Out-of-bounds Read
4 % CWE-772 Missing Release of Resource after Effective Lifetime
4 % CWE-770 Allocation of Resources Without Limits or Throttling
4 % CWE-667 Insufficient Locking
4 % CWE-459 Incomplete Cleanup
4 % CWE-319 Cleartext Transmission of Sensitive Information
4 % CWE-269 Improper Privilege Management
4 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 7
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Os 10
Os 3
Os 4
Os 1
Os 3454
Os 3
Os 4
Os 1
Os 4
Os 3
Os 3
Os 3
Os 3
Os 1
Os 3
Os 3
Os 1
Os 1

Nessus® Vulnerability Scanner

Date Description
2019-01-17 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2019-f812c9fb22.nasl - Type : ACT_GATHER_INFO
2019-01-17 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2019-509c133845.nasl - Type : ACT_GATHER_INFO
2019-01-14 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2019-1145.nasl - Type : ACT_GATHER_INFO
2019-01-10 Name : The remote Amazon Linux 2 host is missing a security update.
File : al2_ALAS-2019-1145.nasl - Type : ACT_GATHER_INFO
2019-01-03 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2018-59e4747e0f.nasl - Type : ACT_GATHER_INFO
2019-01-03 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2018-2645eb8dab.nasl - Type : ACT_GATHER_INFO
2019-01-03 Name : The remote Fedora host is missing a security update.
File : fedora_2018-50075276e8.nasl - Type : ACT_GATHER_INFO
2019-01-03 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2018-6e8c330d50.nasl - Type : ACT_GATHER_INFO
2019-01-03 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2018-ca0e10fc6e.nasl - Type : ACT_GATHER_INFO
2019-01-03 Name : The remote Fedora host is missing a security update.
File : fedora_2018-f1b818a5c9.nasl - Type : ACT_GATHER_INFO
2018-12-28 Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1433.nasl - Type : ACT_GATHER_INFO
2018-12-28 Name : The remote EulerOS host is missing multiple security updates.
File : EulerOS_SA-2018-1432.nasl - Type : ACT_GATHER_INFO
2018-12-28 Name : The remote EulerOS Virtualization host is missing a security update.
File : EulerOS_SA-2018-1407.nasl - Type : ACT_GATHER_INFO
2018-11-21 Name : The remote EulerOS Virtualization host is missing a security update.
File : EulerOS_SA-2018-1373.nasl - Type : ACT_GATHER_INFO
2018-11-21 Name : The remote EulerOS Virtualization host is missing a security update.
File : EulerOS_SA-2018-1372.nasl - Type : ACT_GATHER_INFO
2018-11-21 Name : The remote EulerOS Virtualization host is missing a security update.
File : EulerOS_SA-2018-1370.nasl - Type : ACT_GATHER_INFO
2018-10-18 Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-2_0-0100.nasl - Type : ACT_GATHER_INFO
2018-10-11 Name : The remote Amazon Linux 2 host is missing a security update.
File : al2_ALAS-2018-1086.nasl - Type : ACT_GATHER_INFO
2018-10-05 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1086.nasl - Type : ACT_GATHER_INFO
2018-10-04 Name : The remote Debian host is missing a security update.
File : debian_DLA-1531.nasl - Type : ACT_GATHER_INFO
2018-10-02 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4308.nasl - Type : ACT_GATHER_INFO
2018-09-21 Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-1_0-0184.nasl - Type : ACT_GATHER_INFO
2018-09-18 Name : The remote EulerOS Virtualization host is missing a security update.
File : EulerOS_SA-2018-1269.nasl - Type : ACT_GATHER_INFO
2018-08-17 Name : The remote PhotonOS host is missing multiple security updates.
File : PhotonOS_PHSA-2018-1_0-0135.nasl - Type : ACT_GATHER_INFO
2018-08-10 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2018-2f6df9abfb.nasl - Type : ACT_GATHER_INFO
2018-08-07 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2018-1048.nasl - Type : ACT_GATHER_INFO
2018-08-07 Name : The remote Amazon Linux 2 host is missing a security update.
File : al2_ALAS-2018-1051.nasl - Type : ACT_GATHER_INFO
2018-07-24 Name : The remote Fedora host is missing a security update.
File : fedora_2018-8484550fff.nasl - Type : ACT_GATHER_INFO
2018-07-20 Name : The remote Debian host is missing a security update.
File : debian_DLA-1423.nasl - Type : ACT_GATHER_INFO
2018-07-16 Name : The remote Debian host is missing a security update.
File : debian_DLA-1422.nasl - Type : ACT_GATHER_INFO
2018-06-18 Name : The remote Fedora host is missing a security update.
File : fedora_2018-b57db4753c.nasl - Type : ACT_GATHER_INFO
2018-05-02 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-4188.nasl - Type : ACT_GATHER_INFO
2018-03-21 Name : The remote Fedora host is missing a security update.
File : fedora_2018-296bf0c332.nasl - Type : ACT_GATHER_INFO
2018-03-21 Name : The remote Fedora host is missing a security update.
File : fedora_2018-959aac67a3.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2020-03-19 13:18:54
  • First insertion