SB2020031845 - Red Hat Enterprise Linux 7 update for kernel-rt

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020031845

SB2020031845 - Red Hat Enterprise Linux 7 update for kernel-rt

Published: March 18, 2020

Security Bulletin ID SB2020031845
Severity
Medium
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Adjecent network
Highest impact Code execution

Breakdown by Severity

Medium 25% Low 75%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Resource management error (CVE-ID: CVE-2019-11135)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition within the TSX Asynchronous Abort (TAA) in Intel CPUs. The TAA condition, on some microprocessors utilizing speculative execution, may allow an authenticated user to potentially enable information disclosure via a side channel.

2) Resource management error (CVE-ID: CVE-2019-11487)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a reference count overflow in page->_refcount that leads to a use-after-free error on systems with more than 140 GiB of RAM. A local user can send specially crafted FUSE requests that may lead to denial of service conditions.

The vulnerability is related to code in fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c files.


3) Buffer overflow (CVE-ID: CVE-2019-17666)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error within the P2P (Wifi-Direct) functionality in rtl_p2p_noa_ie() function in drivers/net/wireless/realtek/rtlwifi/ps.c in Linux kernel when processing Notice and Absence frames. A remote attacker can send specially crafted data via the wireless network, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


4) Resource management error (CVE-ID: CVE-2019-19338)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to incomplete fix for Transaction Asynchronous Abort (TAA) issue on certain Intel CPUs (CVE-2019-11135). A local user on a guest operating system can exploit this vulnerability to gain access to sensitive information.


Remediation

Install update from vendor's website.

References