Risk | Low |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2018-10902 CVE-2018-20856 CVE-2019-11810 CVE-2019-9500 CVE-2019-9506 |
CWE-ID | CWE-415 CWE-416 CWE-476 CWE-122 CWE-310 |
Exploitation vector | Local network |
Public exploit | N/A |
Vulnerable software |
Red Hat Enterprise Linux for IBM System z (Structure A) Operating systems & Components / Operating system Red Hat Enterprise Linux for Power 9 Operating systems & Components / Operating system Red Hat Enterprise Linux for ARM 64 Operating systems & Components / Operating system kernel-alt (Red Hat package) Operating systems & Components / Operating system package or component |
Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU14490
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-10902
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists due to double-free memory error in snd_rawmidi_input_params() and snd_rawmidi_output_status() in 'rawmidi.c'. A local attacker can gain elevated privileges and execute arbitrary code.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for IBM System z (Structure A): 7.0
Red Hat Enterprise Linux for Power 9: 7.0
Red Hat Enterprise Linux for ARM 64: 7.0
kernel-alt (Red Hat package): before 4.14.0-115.14.1.el7a
CPE2.3https://access.redhat.com/errata/RHSA-2019:3217
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU19568
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-20856
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on a targeted system.
The vulnerability exists due to a use-after-free error when the "__blk_drain_queue()" function in the "block/blk-core.c" file mishandles error cases. A local authenticated attacker can access the system and execute an application that submits malicious input, cause a use-after-free memory operation error and execute arbitrary code on the targeted system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for IBM System z (Structure A): 7.0
Red Hat Enterprise Linux for Power 9: 7.0
Red Hat Enterprise Linux for ARM 64: 7.0
kernel-alt (Red Hat package): before 4.14.0-115.14.1.el7a
CPE2.3https://access.redhat.com/errata/RHSA-2019:3217
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU19995
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-11810
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for IBM System z (Structure A): 7.0
Red Hat Enterprise Linux for Power 9: 7.0
Red Hat Enterprise Linux for ARM 64: 7.0
kernel-alt (Red Hat package): before 4.14.0-115.14.1.el7a
CPE2.3https://access.redhat.com/errata/RHSA-2019:3217
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU23563
Risk: Low
CVSSv4.0: 2.3 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-9500
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in the "brcmf_wowl_nd_results()" function in "drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c" file. A remote attacker on the local network can trigger heap-based buffer overflow and cause a denial of service condition on the target system.
Install updates from vendor's website.
Red Hat Enterprise Linux for IBM System z (Structure A): 7.0
Red Hat Enterprise Linux for Power 9: 7.0
Red Hat Enterprise Linux for ARM 64: 7.0
kernel-alt (Red Hat package): before 4.14.0-115.14.1.el7a
CPE2.3https://access.redhat.com/errata/RHSA-2019:3217
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU20290
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-9506
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows an attacker to gain access to sensitive information.
The vulnerability exists due to a weakness in Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) protocol core specification that allows an attacker with close proximity to the affected system to perform a man-in-the-middle attack on an encrypted Bluetooth connection.
Successful exploitation of the vulnerability may allow an attacker to gain access to sensitive information or perform unauthorized actions.
MitigationInstall updates from vendor's website.
Red Hat Enterprise Linux for IBM System z (Structure A): 7.0
Red Hat Enterprise Linux for Power 9: 7.0
Red Hat Enterprise Linux for ARM 64: 7.0
kernel-alt (Red Hat package): before 4.14.0-115.14.1.el7a
CPE2.3https://access.redhat.com/errata/RHSA-2019:3217
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.