Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleLinuxELSA-2019-1959
HistoryAug 19, 2019 - 12:00 a.m.

kernel security, bug fix, and enhancement update

2019-08-1900:00:00
linux.oracle.com
75

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

JSON
  • [4.18.0-80.7.1_0.OL8]
  • Oracle Linux certificates (Alexey Petrenko)
  • Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
  • Update x509.genkey [Orabug: 24817676]
    [4.18.0-80.7.1_0]
  • [x86] Update stepping values for Whiskey Lake U/Y (David Arcari) [1722372 1704801]
  • [x86] x86/perf/amd: Resolve NMI latency issues for active PMCs (David Arcari) [1722367 1640238]
  • [x86] x86/perf/amd: Resolve race condition when disabling PMC (David Arcari) [1722367 1640238]
  • [edac] EDAC/amd64: Set maximum channel layer size depending on family (Gary Hook) [1722365 1690984]
  • [edac] EDAC/amd64: Adjust printed chip select sizes when interleaved (Gary Hook) [1722365 1690984]
  • [edac] EDAC/amd64: Recognize x16 symbol size (Gary Hook) [1722365 1690984]
  • [edac] EDAC/amd64: Support more than two Unified Memory Controllers (Gary Hook) [1722365 1690984]
  • [edac] EDAC/amd64: Use a macro for iterating over Unified Memory Controllers (Gary Hook) [1722365 1690984]
  • [edac] EDAC, amd64: Add Family 17h, models 10h-2fh support (Gary Hook) [1722365 1690984]
  • [edac] EDAC/amd64: Add Family 17h Model 30h PCI IDs (Aristeu Rozanski) [1722365 1696603]
  • [x86] mark AMD Rome processors supported (David Arcari) [1721972 1520002]
  • [x86] x86/mce: Handle varying MCA bank counts (David Arcari) [1721233 1668779]
  • [iommu] iommu/vt-d: Disable ATS support on untrusted devices (Jerry Snitselaar) [1700376 1692246]
  • [documentation] thunderbolt: Export IOMMU based DMA protection support to userspace (Jerry Snitselaar) [1700376 1692246]
  • [iommu] iommu/vt-d: Do not enable ATS for untrusted devices (Jerry Snitselaar) [1700376 1692246]
  • [iommu] iommu/vt-d: Force IOMMU on for platform opt in hint (Jerry Snitselaar) [1700376 1692246]
  • [pci] PCI / ACPI: Identify untrusted PCI devices (Myron Stowe) [1700376 1704979]
  • [acpi] ACPI / property: Allow multiple property compatible _DSD entries (Myron Stowe) [1700376 1537397]
  • [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719922 1719923] {CVE-2019-11479}
  • [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719922 1719923] {CVE-2019-11479}
  • [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719857 1719858] {CVE-2019-11478}
  • [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719602 1719603] {CVE-2019-11477}
    [4.18.0-80.6.1_0]
  • [mm] mm: defer ZONE_DEVICE page initialization to the point where we init pgmap (Waiman Long) [1719635 1666538]
  • [mm] mm: create non-atomic version of SetPageReserved for init use (Waiman Long) [1719635 1666538]
  • [mm] mm: provide kernel parameter to allow disabling page init poisoning (Waiman Long) [1719635 1666538]
  • [mm] mm, slub: restore the original intention of prefetch_freepointer() (Rafael Aquini) [1718237 1714671]
  • [security] selinux: do not report error on connect(AF_UNSPEC) (Ondrej Mosnacek) [1717870 1707828]
  • [security] selinux: Check address length before reading address family (Ondrej Mosnacek) [1717870 1707828]
  • [powerpc] powerpc/tm: Fix stack pointer corruption (Desnes Augusto Nunes do Rosario) [1717869 1707635]
  • [md] dm cache metadata: Fix loading discard bitset (Mike Snitzer) [1717868 1701618]
  • [md] dm mpath: fix missing call of path selector type->end_io (Mike Snitzer) [1717804 1686227]
  • [mm] mm/memory.c: do_fault: avoid usage of stale vm_area_struct (‘Herton R. Krzesinski’) [1717801 1684734]
  • [net] sunrpc: fix 4 more call sites that were using stack memory with a scatterlist (Scott Mayhew) [1717800 1679183]
  • [net] sunrpc: Don’t use stack buffer with scatterlist (Scott Mayhew) [1717800 1679183]
  • [scsi] scsi: mpt3sas: Fix kernel panic during expander reset (Tomas Henzl) [1717791 1677693]
  • [security] selinux: always allow mounting submounts (Ondrej Mosnacek) [1717777 1647723]
  • [drm] drm/bufs: Fix Spectre v1 vulnerability (Rob Clark) [1717382 1663467]
  • [drm] drm/ioctl: Fix Spectre v1 vulnerabilities (Rob Clark) [1717382 1663467]
  • [tools] perf annotate: Fix getting source line failure (Michael Petlan) [1716887 1614435]
  • [iommu] iommu/amd: Set exclusion range correctly (Jerry Snitselaar) [1715336 1702766]
  • [iommu] iommu/amd: Reserve exclusion range in iova-domain (Jerry Snitselaar) [1717344 1694835]
  • [kvm] KVM: PPC: Book3S: Add count cache flush parameters to kvmppc_get_cpu_char() (Vitaly Kuznetsov) [1715018 1694456]
  • [s390] kvm: s390: Fix potential spectre warnings (Thomas Huth) [1714754 1702344]
  • [drm] drm/i915/gvt: Fix mmap range check (Alex Williamson) [1713572 1713573] {CVE-2019-11085}
  • [scsi] scsi: megaraid_sas: return error when create DMA pool failed (Tomas Henzl) [1712862 1712863] {CVE-2019-11810}
    [4.18.0-80.5.1_0]
  • [kernel] sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup (Joel Savitz) [1715345 1695651]
  • [kernel] sched/fair: Fix O(nr_cgroups) in the load balancing path (Phil Auld) [1715343 1685636] {CVE-2018-20784}
  • [kernel] sched/fair: Fix insertion in rq->leaf_cfs_rq_list (Phil Auld) [1715343 1685636] {CVE-2018-20784}
  • [kernel] sched/fair: Add tmp_alone_branch assertion (Phil Auld) [1715343 1685636] {CVE-2018-20784}
  • [kernel] sched/fair: Fix infinite loop in update_blocked_averages() by reverting a9e7f6544b9c (Phil Auld) [1715343 1685636] {CVE-2018-20784}
  • [rpmspec] apply linux-kernel-test.patch when building (‘Herton R. Krzesinski’) [1715340 1690534]
  • [rpmspec] Fix cross builds (Jiri Olsa) [1715339 1694956]
  • [kernel] sched/fair: Do not re-read ->h_load_next during hierarchical load calculation (Phil Auld) [1715337 1701762]
  • [kvm] KVM: PPC: Book3S HV: Save/restore vrsave register in kvmhv_p9_guest_entry() (Suraj Jitindar Singh) [1714753 1700272]
  • [powerpc] KVM: PPC: Book3S HV: Perserve PSSCR FAKE_SUSPEND bit on guest exit (Suraj Jitindar Singh) [1714751 1689768]
  • [powerpc] powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (David Gibson) [1714746 1674410]
  • [char] ipmi_si: fix use-after-free of resource->name (Tony Camuso) [1714409 1714410] {CVE-2019-11811}
  • [x86] Update stepping values for coffee lake desktop (David Arcari) [1711048 1704800]
OSVersionArchitecturePackageVersionFilename
oracle linux8srckernel< 4.18.0-80.7.1.el8_0kernel-4.18.0-80.7.1.el8_0.src.rpm
oracle linux8aarch64kernel-tools-libs-devel< 4.18.0-80.7.1.el8_0kernel-tools-libs-devel-4.18.0-80.7.1.el8_0.aarch64.rpm
oracle linux8srckernel< 4.18.0-80.7.1.el8_0kernel-4.18.0-80.7.1.el8_0.src.rpm
oracle linux8x86_64bpftool< 4.18.0-80.7.1.el8_0bpftool-4.18.0-80.7.1.el8_0.x86_64.rpm
oracle linux8x86_64kernel< 4.18.0-80.7.1.el8_0kernel-4.18.0-80.7.1.el8_0.x86_64.rpm
oracle linux8noarchkernel-abi-whitelists< 4.18.0-80.7.1.el8_0kernel-abi-whitelists-4.18.0-80.7.1.el8_0.noarch.rpm
oracle linux8x86_64kernel-core< 4.18.0-80.7.1.el8_0kernel-core-4.18.0-80.7.1.el8_0.x86_64.rpm
oracle linux8x86_64kernel-cross-headers< 4.18.0-80.7.1.el8_0kernel-cross-headers-4.18.0-80.7.1.el8_0.x86_64.rpm
oracle linux8x86_64kernel-debug< 4.18.0-80.7.1.el8_0kernel-debug-4.18.0-80.7.1.el8_0.x86_64.rpm
oracle linux8x86_64kernel-debug-core< 4.18.0-80.7.1.el8_0kernel-debug-core-4.18.0-80.7.1.el8_0.x86_64.rpm
Rows per page:
1-10 of 231

Related

nessus 70
redhat 19
oraclelinux 9
ibm 18
openvas 24
amazon 2
centos 3
fedora 2
citrix 2
archlinux 4
checkpoint_security 1
fortinet 1
attackerkb 1
myhack58 1
arista 1
mscve 1
ics 1
virtuozzo 4
symantec 1
paloalto 1
threatpost 1
cert 1
mageia 3
zdt 1
ubuntu 2
vmware 2
cloudfoundry 1
osv 1
debian 1
cve 2
prion 3
redhatcve 3
ubuntucve 3
debiancve 2
f5 3
qualysblog 1
veracode 2
intel 1
nessus
nessus
RHEL 8 : kernel-rt (RHSA-2019:1971)
2019-08-12 00:00:00
RHEL 8 : kernel (RHSA-2019:1959)
2019-08-12 00:00:00
CentOS 8 : kernel (CESA-2019:1959)
2021-01-29 00:00:00
redhat
redhat
(RHSA-2019:1959) Important: kernel security, bug fix, and enhancement update
2019-07-30 09:18:32
(RHSA-2019:1971) Important: kernel-rt security and bug fix update
2019-07-30 10:55:07
(RHSA-2019:1602) Important: kernel-alt security update
2019-06-25 16:27:31
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2019-07-30 00:00:00
Unbreakable Enterprise kernel security update
2019-06-17 00:00:00
Unbreakable Enterprise kernel security update
2019-06-17 00:00:00
ibm
ibm
Security Bulletin: IBM Cloud Pak System addressed vulnerabilities (CVE-2019-11479, CVE-2019-11478, CVE-2019-11477)
2020-12-31 15:53:07
Security Bulletin: IBM MQ Appliance is affected by kernel vulnerabilities (CVE-2019-11479, CVE-2019-11478 and CVE-2019-11477)
2019-10-14 16:00:11
Security Bulletin: IBM Flex System switch firmware products are affected by TCP denial of service vulnerabilities
2023-12-07 22:45:07
openvas
openvas
AVM FRITZ!Box TCP SACK PANIC - Kernel Vulnerabilities
2020-10-20 00:00:00
Fedora Update for kernel-headers FEDORA-2019-6c3d89b3d0
2019-06-19 00:00:00
Fedora Update for kernel-headers FEDORA-2019-914542e05c
2019-06-19 00:00:00
amazon
amazon
Critical: kernel
2019-06-13 21:37:00
Critical: kernel
2019-06-13 22:11:00
centos
centos
bpftool, kernel, perf, python security update
2019-06-19 00:21:01
kernel, perf, python security update
2019-06-19 00:19:05
bpftool, kernel, perf, python security update
2019-07-31 13:31:33
fedora
fedora
[SECURITY] Fedora 29 Update: kernel-headers-5.1.11-200.fc29
2019-06-18 21:19:41
[SECURITY] Fedora 30 Update: kernel-headers-5.1.11-300.fc30
2019-06-18 18:15:45
citrix
citrix
Citrix SD-WAN Security Update
2019-09-11 04:00:00
Citrix Hypervisor Security Update.
2019-07-08 04:00:00
archlinux
archlinux
[ASA-201906-13] linux: denial of service
2019-06-18 00:00:00
[ASA-201906-12] linux-hardened: denial of service
2019-06-17 00:00:00
[ASA-201906-15] linux-zen: denial of service
2019-06-18 00:00:00
checkpoint_security
checkpoint_security
Check Point response to TCP SACK PANIC - Linux Kernel vulnerabilities - CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479
2019-06-18 05:16:31
fortinet
fortinet
TCP SACK panic attack- Linux Kernel Vulnerabilities- CVE-2019-11477, CVE-2019-11478 & CVE-2019-11479
2019-11-29 00:00:00
attackerkb
attackerkb
TCP SACK PANIC
2020-02-13 00:00:00
myhack58
myhack58
CVE-2019-11477: Linux kernel TCP SACK mechanism remote Dos early warning analysis-vulnerability warning-the black bar safety net
2019-06-19 00:00:00
arista
arista
Security Advisory 0041
2019-07-02 00:00:00
mscve
mscve
Linux Kernel TCP SACK Denial of Service Vulnerability
2019-06-28 07:00:00
ics
ics
Siemens Industrial Products (Update R)
2022-05-12 12:00:00
virtuozzo
virtuozzo
Important kernel security update: New kernel 2.6.32-042stab139.1 for Virtuozzo Containers for Linux 4.7, Server Bare Metal 5.0
2019-06-20 00:00:00
Important kernel security update: New kernel 2.6.32-042stab139.1; Virtuozzo 6.0 Update 12 Hotfix 43 (6.0.12-3743)
2019-06-20 00:00:00
Important kernel security update: Virtuozzo ReadyKernel patch 82.0 for all supported Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5 kernels
2019-06-20 00:00:00
symantec
symantec
Linux Kernel Vulnerabilities May-June 2019
2019-09-05 08:00:00
paloalto
paloalto
Information about TCP SACK Panic Findings in PAN-OS
2019-06-27 00:00:00
threatpost
threatpost
Linux Kernel Bug Knocks PCs, IoT Gadgets and More Offline
2019-06-18 18:43:50
cert
cert
Multiple TCP Selective Acknowledgement (SACK) and Maximum Segment Size (MSS) networking vulnerabilities may cause denial-of-service conditions in Linux and FreeBSD kernels
2019-06-20 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerability
2019-06-21 04:07:01
Updated kernel-linus packages fix security vulnerability
2019-06-21 04:07:01
Updated kernel-tmb packages fix security vulnerability
2019-06-21 04:07:01
zdt
zdt
Linux / FreeBSD TCP-Based Denial Of Service Vulnerability
2019-06-18 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2019-06-17 00:00:00
Linux kernel vulnerabilities
2019-06-17 00:00:00
vmware
vmware
VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK) (CVE-2019-11477, CVE-2019-11478)
2019-07-02 00:00:00
VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK) (CVE-2019-11477, CVE-2019-11478)
2019-07-02 00:00:00
cloudfoundry
cloudfoundry
USN-4017-1: Linux kernel vulnerabilities | Cloud Foundry
2019-07-03 00:00:00
osv
osv
linux - security update
2019-06-17 00:00:00
debian
debian
[SECURITY] [DLA 1823-1] linux security update
2019-06-17 23:42:52
cve
cve
CVE-2018-20784
2019-02-22 15:29:00
CVE-2019-11085
2019-05-17 16:29:00
prion
prion
Code injection
2019-02-22 15:29:00
Input validation
2019-05-17 16:29:00
Double free
2019-05-07 14:29:00
redhatcve
redhatcve
CVE-2018-20784
2019-12-24 09:52:09
CVE-2019-11085
2019-10-27 12:25:54
CVE-2019-11811
2020-04-01 20:13:30
ubuntucve
ubuntucve
CVE-2018-20784
2019-02-22 00:00:00
CVE-2019-11085
2019-05-17 00:00:00
CVE-2019-11811
2019-05-07 00:00:00
debiancve
debiancve
CVE-2018-20784
2019-02-22 15:29:00
CVE-2019-11085
2019-05-17 16:29:00
f5
f5
K65260085 : Linux kernel vulnerability CVE-2018-20784
2019-03-12 00:00:00
K09376613 : INTEL-SA-00249 - Intel i915 Graphics for Linux vulnerability CVE-2019-11085
2019-05-19 00:00:00
K01512680 : Linux kernel vulnerability CVE-2019-11811
2019-07-08 00:00:00
qualysblog
qualysblog
July 2019 Patch Tuesday – 77 Vulns, 15 Critical, DHCP RCE, Exploited PrivEsc, SQL, Adobe Vulns
2019-07-09 18:12:39
veracode
veracode
Privilege Escalation
2019-08-05 00:16:14
Denial Of Service (DoS)
2019-08-05 00:16:15
intel
intel
Intel® i915 Graphics for Linux Advisory
2019-05-14 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

JSON
Related for ELSA-2019-1959
nessus70redhat19oraclelinux9ibm18openvas24amazon2centos3fedora2citrix2archlinux4checkpoint_security1fortinet1attackerkb1myhack581arista1mscve1ics1virtuozzo4symantec1paloalto1threatpost1cert1mageia3zdt1ubuntu2vmware2cloudfoundry1osv1debian1cve2prion3redhatcve3ubuntucve3debiancve2f53qualysblog1veracode2intel1