Описание
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. In the worst case (and likely most common virtualization) scenario this flaw affects KVM/qemu hypervisor enabled hosts running Linux guests.
Отчет
Red Hat Product Security is aware of this issue. Updates will be released as they become available. For additional information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/kernel-vhost
Меры по смягчению последствий
For mitigation related information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/kernel-vhost
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Fixed | RHSA-2019:2863 | 23.09.2019 |
| Red Hat Enterprise Linux 6.5 Advanced Update Support | kernel | Fixed | RHSA-2019:2901 | 25.09.2019 |
| Red Hat Enterprise Linux 6.6 Advanced Update Support | kernel | Fixed | RHSA-2019:2869 | 23.09.2019 |
| Red Hat Enterprise Linux 7 | kernel-rt | Fixed | RHSA-2019:2830 | 20.09.2019 |
| Red Hat Enterprise Linux 7 | kernel | Fixed | RHSA-2019:2829 | 20.09.2019 |
| Red Hat Enterprise Linux 7 | kpatch-patch | Fixed | RHSA-2019:2854 | 21.09.2019 |
| Red Hat Enterprise Linux 7 | kernel-alt | Fixed | RHSA-2019:2862 | 23.09.2019 |
| Red Hat Enterprise Linux 7.2 Advanced Update Support | kernel | Fixed | RHSA-2019:2899 | 25.09.2019 |
| Red Hat Enterprise Linux 7.2 Telco Extended Update Support | kernel | Fixed | RHSA-2019:2899 | 25.09.2019 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.2 High
CVSS3
Связанные уязвимости
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in ...
Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2)
Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP1)
EPSS
7.2 High
CVSS3