Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2019-2863

Опубликовано: 23 сент. 2019
Источник: oracle-oval
Платформа: Oracle Linux 6

Описание

ELSA-2019-2863: kernel security update (IMPORTANT)

[2.6.32-754.23.1.OL6]

  • Update genkey [bug 25599697]

[2.6.32-754.23.1]

  • [vhost] vhost: make sure log_num < in_num (Eugenio Perez) [1750869 1750869] {CVE-2019-14835}

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

kernel

2.6.32-754.23.1.el6

kernel-abi-whitelists

2.6.32-754.23.1.el6

kernel-debug

2.6.32-754.23.1.el6

kernel-debug-devel

2.6.32-754.23.1.el6

kernel-devel

2.6.32-754.23.1.el6

kernel-doc

2.6.32-754.23.1.el6

kernel-firmware

2.6.32-754.23.1.el6

kernel-headers

2.6.32-754.23.1.el6

perf

2.6.32-754.23.1.el6

python-perf

2.6.32-754.23.1.el6

Oracle Linux i686

kernel

2.6.32-754.23.1.el6

kernel-abi-whitelists

2.6.32-754.23.1.el6

kernel-debug

2.6.32-754.23.1.el6

kernel-debug-devel

2.6.32-754.23.1.el6

kernel-devel

2.6.32-754.23.1.el6

kernel-doc

2.6.32-754.23.1.el6

kernel-firmware

2.6.32-754.23.1.el6

kernel-headers

2.6.32-754.23.1.el6

perf

2.6.32-754.23.1.el6

python-perf

2.6.32-754.23.1.el6

Связанные CVE

CVE-2019-14835

Ссылки на источники

Связанные уязвимости

ubuntu логотип

CVE-2019-14835

CVSS3: 7.8
ubuntu
почти 6 лет назад

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.

redhat логотип

CVE-2019-14835

CVSS3: 7.2
redhat
почти 6 лет назад

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.

nvd логотип

CVE-2019-14835

CVSS3: 7.8
nvd
почти 6 лет назад

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.

debian логотип

CVE-2019-14835

CVSS3: 7.8
debian
почти 6 лет назад

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in ...

suse-cvrf логотип

SUSE-SU-2019:2613-1

suse-cvrf
больше 5 лет назад

Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)