Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2020-5528

Опубликовано: 30 янв. 2020
Источник: oracle-oval
Платформа: Oracle Linux 7

Описание

ELSA-2020-5528: Unbreakable Enterprise kernel security update (IMPORTANT)

[4.14.35-1902.10.4.1.el7uek]

  • IB/mlx4: Fix use after free in RDMA CM disconnect code path (Manjunath Patil) [Orabug: 30815818]
  • IB/mlx4: Fix leak in id_map_find_del (Hakon Bugge) [Orabug: 30815811]
  • RDMA/cma: Relax device check in cma_match_net_dev() (Hakon Bugge) [Orabug: 30815802]
  • KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) (Paolo Bonzini) [Orabug: 30815773] {CVE-2019-19332}

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

kernel-uek

4.14.35-1902.10.4.1.el7uek

kernel-uek-debug

4.14.35-1902.10.4.1.el7uek

kernel-uek-debug-devel

4.14.35-1902.10.4.1.el7uek

kernel-uek-devel

4.14.35-1902.10.4.1.el7uek

kernel-uek-headers

4.14.35-1902.10.4.1.el7uek

kernel-uek-tools

4.14.35-1902.10.4.1.el7uek

kernel-uek-tools-libs

4.14.35-1902.10.4.1.el7uek

kernel-uek-tools-libs-devel

4.14.35-1902.10.4.1.el7uek

perf

4.14.35-1902.10.4.1.el7uek

python-perf

4.14.35-1902.10.4.1.el7uek

Oracle Linux x86_64

kernel-uek

4.14.35-1902.10.4.1.el7uek

kernel-uek-debug

4.14.35-1902.10.4.1.el7uek

kernel-uek-debug-devel

4.14.35-1902.10.4.1.el7uek

kernel-uek-devel

4.14.35-1902.10.4.1.el7uek

kernel-uek-doc

4.14.35-1902.10.4.1.el7uek

kernel-uek-tools

4.14.35-1902.10.4.1.el7uek

Связанные CVE

CVE-2019-19332
CVE-2019-15917
CVE-2019-3016

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2020-5533

oracle-oval
больше 5 лет назад

ELSA-2020-5533: Unbreakable Enterprise kernel security update (IMPORTANT)

oracle-oval логотип

ELSA-2020-5526

oracle-oval
больше 5 лет назад

ELSA-2020-5526: Unbreakable Enterprise kernel security update (IMPORTANT)

ubuntu логотип

CVE-2019-19332

CVSS3: 6.1
ubuntu
больше 5 лет назад

An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.

redhat логотип

CVE-2019-19332

CVSS3: 6.1
redhat
больше 5 лет назад

An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.

nvd логотип

CVE-2019-19332

CVSS3: 6.1
nvd
больше 5 лет назад

An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVM_GET_EMULATED_CPUID' ioctl(2) request to get CPUID features emulated by the KVM hypervisor. A user or process able to access the '/dev/kvm' device could use this flaw to crash the system, resulting in a denial of service.