SciLinux: SLSA-2019-2829-1 Important: kernel on SL7.x x86_64

    Date20 Sep 2019
    250
    Posted ByLinuxSecurity Advisories
    A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835) SL7 x86 [More...]
    Synopsis:          Important: kernel security update
    Advisory ID:       SLSA-2019:2829-1
    Issue Date:        2019-09-20
    CVE Numbers:       None
    --
    
    Security Fix(es):
        
        * A buffer overflow flaw was found in the way Linux kernel's vhost
        functionality that translates virtqueue buffers to IOVs, logged the buffer
        descriptors during migration. A privileged guest user able to pass
        descriptors with invalid length to the host when migration is underway,
        could use this flaw to increase their privileges on the host.
        (CVE-2019-14835)
    --
    
    SL7
      x86_64
        bpftool-3.10.0-1062.1.2.el7.x86_64.rpm
        bpftool-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
        kernel-3.10.0-1062.1.2.el7.x86_64.rpm
        kernel-debug-3.10.0-1062.1.2.el7.x86_64.rpm
        kernel-debug-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
        kernel-debug-devel-3.10.0-1062.1.2.el7.x86_64.rpm
        kernel-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
        kernel-debuginfo-common-x86_64-3.10.0-1062.1.2.el7.x86_64.rpm
        kernel-devel-3.10.0-1062.1.2.el7.x86_64.rpm
        kernel-headers-3.10.0-1062.1.2.el7.x86_64.rpm
        kernel-tools-3.10.0-1062.1.2.el7.x86_64.rpm
        kernel-tools-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
        kernel-tools-libs-3.10.0-1062.1.2.el7.x86_64.rpm
        perf-3.10.0-1062.1.2.el7.x86_64.rpm
        perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
        python-perf-3.10.0-1062.1.2.el7.x86_64.rpm
        python-perf-debuginfo-3.10.0-1062.1.2.el7.x86_64.rpm
        kernel-tools-libs-devel-3.10.0-1062.1.2.el7.x86_64.rpm
      noarch
        kernel-abi-whitelists-3.10.0-1062.1.2.el7.noarch.rpm
        kernel-doc-3.10.0-1062.1.2.el7.noarch.rpm
    
    - Scientific Linux Development Team
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"22","type":"x","order":"1","pct":55,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":12.5,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"13","type":"x","order":"3","pct":32.5,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.