CVE-2019-14835

Exploit

EPSS 0.05%
Veröffentlicht 17.09.2019 16:15:10
Zuletzt bearbeitet 21.11.2024 04:27:27
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 43

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 2.6.34 < 3.16.74

Linux ≫ Linux Kernel Version >= 4.4 < 4.4.193

Linux ≫ Linux Kernel Version >= 4.9 < 4.9.193

Linux ≫ Linux Kernel Version >= 4.14 < 4.14.144

Linux ≫ Linux Kernel Version >= 4.19 < 4.19.73

Linux ≫ Linux Kernel Version >= 5.2 < 5.2.15

Linux ≫ Linux Kernel Version5.3

Canonical ≫ Ubuntu Linux Version12.04 SwEdition-

Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version16.04 SwEditionesm

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version19.04

Debian ≫ Debian Linux Version8.0

Debian ≫ Debian Linux Version9.0

Debian ≫ Debian Linux Version10.0

Fedoraproject ≫ Fedora Version29

Fedoraproject ≫ Fedora Version30

Opensuse ≫ Leap Version15.0

Opensuse ≫ Leap Version15.1

Netapp ≫ Aff A700s Firmware Version-

Netapp ≫ Aff A700s

Netapp ≫ H410c Firmware Version-

Netapp ≫ H410c

Netapp ≫ H610s Firmware Version-

Netapp ≫ H610s

Netapp ≫ H300s Firmware Version-

Netapp ≫ H300s

Netapp ≫ H500s Firmware Version-

Netapp ≫ H500s

Netapp ≫ H700s Firmware Version-

Netapp ≫ H700s

Netapp ≫ H300e Firmware Version-

Netapp ≫ H300e

Netapp ≫ H500e Firmware Version-

Netapp ≫ H500e

Netapp ≫ H700e Firmware Version-

Netapp ≫ H700e

Netapp ≫ H410s Firmware Version-

Netapp ≫ H410s

Netapp ≫ Data Availability Services Version-

Netapp ≫ Hci Management Node Version-

Netapp ≫ Service Processor Version-

Netapp ≫ Solidfire Version-

Netapp ≫ Steelstore Cloud Integrated Storage Version-

Redhat ≫ Openshift Container Platform Version3.11

Redhat ≫ Enterprise Linux Version8.0

Redhat ≫ Enterprise Linux Desktop Version6.0

Redhat ≫ Enterprise Linux Desktop Version7.0

Redhat ≫ Enterprise Linux Eus Version7.5

Redhat ≫ Enterprise Linux Eus Version7.6

Redhat ≫ Enterprise Linux Eus Version7.7

Redhat ≫ Enterprise Linux For Real Time Version7

Redhat ≫ Enterprise Linux For Real Time Version8

Redhat ≫ Enterprise Linux Server Version6.0

Redhat ≫ Enterprise Linux Server Version7.0

Redhat ≫ Enterprise Linux Server Version7.6

Redhat ≫ Enterprise Linux Server Aus Version6.5

Redhat ≫ Enterprise Linux Server Aus Version6.6

Redhat ≫ Enterprise Linux Server Aus Version7.2

Redhat ≫ Enterprise Linux Server Aus Version7.3

Redhat ≫ Enterprise Linux Server Aus Version7.4

Redhat ≫ Enterprise Linux Server Aus Version7.6

Redhat ≫ Enterprise Linux Server Aus Version7.7

Redhat ≫ Enterprise Linux Server Tus Version7.2

Redhat ≫ Enterprise Linux Server Tus Version7.3

Redhat ≫ Enterprise Linux Server Tus Version7.4

Redhat ≫ Enterprise Linux Server Tus Version7.6

Redhat ≫ Enterprise Linux Server Tus Version7.7

Redhat ≫ Enterprise Linux Workstation Version6.0

Redhat ≫ Enterprise Linux Workstation Version7.0

Redhat ≫ Virtualization Version4.0

Redhat ≫ Enterprise Linux Version7.0

Redhat ≫ Virtualization Host Version4.0

Redhat ≫ Enterprise Linux Version7.0

Huawei ≫ Imanager Neteco Versionv600r009c00

Huawei ≫ Imanager Neteco Versionv600r009c10spc200

Huawei ≫ Imanager Neteco 6000 Versionv600r008c10spc300

Huawei ≫ Imanager Neteco 6000 Versionv600r008c20

Huawei ≫ Manageone Version6.5.0

Huawei ≫ Manageone Version6.5.0.spc100.b210

Huawei ≫ Manageone Version6.5.1rc1.b060

Huawei ≫ Manageone Version6.5.1rc1.b080

Huawei ≫ Manageone Version6.5.rc2.b050

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.158

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C
secalert@redhat.com	7.2	0.6	6	CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://access.redhat.com/errata/RHBA-2019:2824

Third Party Advisory

http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html

Third Party Advisory

VDB Entry

https://seclists.org/bugtraq/2019/Nov/11

Third Party Advisory

Mailing List

Issue Tracking

http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html

Third Party Advisory

VDB Entry