Risk | High |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2017-18551 CVE-2019-9454 CVE-2019-19447 CVE-2019-20636 CVE-2020-12770 |
CWE-ID | CWE-787 CWE-416 CWE-20 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software |
kernel (Red Hat package) Operating systems & Components / Operating system package or component Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions Operating systems & Components / Operating system package or component Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions Operating systems & Components / Operating system package or component Red Hat Enterprise Linux Server - TUS Operating systems & Components / Operating system Red Hat Enterprise Linux Server - AUS Operating systems & Components / Operating system |
Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU20858
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-18551
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise vulnerable system.
The vulnerability exists due to a boundary error in the "drivers/i2c/i2c-core-smbus.c" file when processing untrusted input. A local authenticated user access the system and execute an application that submits malicious input to the affected software, trigger an out-of-bounds write condition in the "i2c_smbus_xfer_emulated" function and execute arbitrary code or cause a DoS condition on the target system.
Install updates from vendor's website.
kernel (Red Hat package): 3.10.0-123.1.2.el7 - 3.10.0-693.77.1.el7
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 7.4
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 7.4
Red Hat Enterprise Linux Server - TUS: 7.4
Red Hat Enterprise Linux Server - AUS: 7.4
CPE2.3http://access.redhat.com/errata/RHSA-2020:5430
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU35559
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-9454
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to execute arbitrary code.
In the Android kernel in i2c driver there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
MitigationInstall updates from vendor's website.
kernel (Red Hat package): 3.10.0-123.1.2.el7 - 3.10.0-693.77.1.el7
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 7.4
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 7.4
Red Hat Enterprise Linux Server - TUS: 7.4
Red Hat Enterprise Linux Server - AUS: 7.4
CPE2.3http://access.redhat.com/errata/RHSA-2020:5430
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU34985
Risk: High
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-19447
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to execute arbitrary code.
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
MitigationInstall updates from vendor's website.
kernel (Red Hat package): 3.10.0-123.1.2.el7 - 3.10.0-693.77.1.el7
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 7.4
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 7.4
Red Hat Enterprise Linux Server - TUS: 7.4
Red Hat Enterprise Linux Server - AUS: 7.4
CPE2.3http://access.redhat.com/errata/RHSA-2020:5430
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU30312
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-20636
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local privileged user to execute arbitrary code.
In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.
MitigationInstall updates from vendor's website.
kernel (Red Hat package): 3.10.0-123.1.2.el7 - 3.10.0-693.77.1.el7
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 7.4
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 7.4
Red Hat Enterprise Linux Server - TUS: 7.4
Red Hat Enterprise Linux Server - AUS: 7.4
CPE2.3http://access.redhat.com/errata/RHSA-2020:5430
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU28170
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-12770
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to execute arbitrary code on the system.
The vulnerability exists due to the "sg_write" lacks an "sg_remove_request" call in a certain failure case. A local user can pass specially crafted input to the application and execute arbitrary code on the target system.
MitigationInstall updates from vendor's website.
kernel (Red Hat package): 3.10.0-123.1.2.el7 - 3.10.0-693.77.1.el7
Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 7.4
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions: 7.4
Red Hat Enterprise Linux Server - TUS: 7.4
Red Hat Enterprise Linux Server - AUS: 7.4
CPE2.3http://access.redhat.com/errata/RHSA-2020:5430
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.