Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2019:3217
HistoryOct 29, 2019 - 11:35 a.m.

(RHSA-2019:3217) Important: kernel-alt security and bug fix update

2019-10-2911:35:37
access.redhat.com
29

8.3 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.3%

JSON

The kernel-alt packages provide the Linux kernel version 4.x.

Security Fix(es):

  • kernel: MIDI driver race condition leads to a double-free (CVE-2018-10902)

  • kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)

  • kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500)

  • hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)

  • kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • kernel modules pkey and paes_s390 are not available (BZ#1719192)

  • pkey: Indicate old mkvp only if old and curr. mkvp are different (BZ#1720621)

  • System dropped into Mon running softboots Exception: 501 (Hardware Interrupt) at c00000000000a814 replay_interrupt_return+0x0/0x4 (ipmi) (BZ#1737563)

  • kernel: jump label transformation performance (BZ#1739143)

  • Backport i40e MDD detection removal for PFs (BZ#1747618)

OSVersionArchitecturePackageVersionFilename
RedHat7s390xkernel-debug-debuginfo< 4.14.0-115.14.1.el7akernel-debug-debuginfo-4.14.0-115.14.1.el7a.s390x.rpm
RedHat7aarch64perf< 4.14.0-115.14.1.el7aperf-4.14.0-115.14.1.el7a.aarch64.rpm
RedHat7s390xperf< 4.14.0-115.14.1.el7aperf-4.14.0-115.14.1.el7a.s390x.rpm
RedHat7ppc64lekernel-devel< 4.14.0-115.14.1.el7akernel-devel-4.14.0-115.14.1.el7a.ppc64le.rpm
RedHat7s390xkernel-kdump< 4.14.0-115.14.1.el7akernel-kdump-4.14.0-115.14.1.el7a.s390x.rpm
RedHat7ppc64lekernel-tools-libs-devel< 4.14.0-115.14.1.el7akernel-tools-libs-devel-4.14.0-115.14.1.el7a.ppc64le.rpm
RedHat7s390xperf-debuginfo< 4.14.0-115.14.1.el7aperf-debuginfo-4.14.0-115.14.1.el7a.s390x.rpm
RedHat7s390xkernel-kdump-devel< 4.14.0-115.14.1.el7akernel-kdump-devel-4.14.0-115.14.1.el7a.s390x.rpm
RedHat7aarch64python-perf-debuginfo< 4.14.0-115.14.1.el7apython-perf-debuginfo-4.14.0-115.14.1.el7a.aarch64.rpm
RedHat7aarch64kernel< 4.14.0-115.14.1.el7akernel-4.14.0-115.14.1.el7a.aarch64.rpm
Rows per page:
1-10 of 501

Related

nessus 70
redhat 23
openvas 27
centos 4
f5 5
oraclelinux 4
redhatcve 5
veracode 5
ubuntucve 5
prion 5
cve 5
debiancve 5
mscve 2
cert 2
githubexploit 1
ibm 2
fedora 7
zdi 1
symantec 1
hp 1
thn 1
cisco 1
huawei 1
malwarebytes 1
fortinet 1
virtuozzo 3
lenovo 2
ubuntu 4
threatpost 1
amazon 1
suse 2
cloudfoundry 1
nessus
nessus
RHEL 7 : kernel-alt (RHSA-2019:3217)
2019-10-30 00:00:00
NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2019-0221)
2019-12-02 00:00:00
Oracle Linux 7 : kernel (ELSA-2019-3055)
2019-10-18 00:00:00
redhat
redhat
(RHSA-2019:3055) Important: kernel security and bug fix update
2019-10-15 15:47:02
(RHSA-2019:3076) Important: kpatch-patch security update
2019-10-15 15:48:39
(RHSA-2019:3089) Important: kernel-rt security and bug fix update
2019-10-16 07:42:15
openvas
openvas
CentOS Update for bpftool CESA-2019:3055 centos7
2019-10-22 00:00:00
Fedora Update for kernel-tools FEDORA-2019-1e8a4c6958
2019-05-07 00:00:00
Fedora Update for kernel-tools FEDORA-2019-1b986880ea
2019-04-29 00:00:00
centos
centos
bpftool, kernel, perf, python security update
2019-10-21 17:31:04
kernel, perf, python security update
2019-02-26 18:11:53
bpftool, kernel, perf, python security update
2019-09-18 20:39:01
f5
f5
K53214222 : midi kernel driver vulnerability CVE-2018-10902
2019-01-22 00:00:00
K14673240 : Linux kernel vulnerability CVE-2018-20856
2019-10-15 00:00:00
K51813353 : Linux Kernel vulnerability CVE-2019-9506
2022-07-21 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2019-10-16 00:00:00
kernel security and bug fix update
2019-02-26 00:00:00
kernel security and bug fix update
2019-09-04 00:00:00
redhatcve
redhatcve
CVE-2018-20856
2020-04-07 16:59:02
CVE-2018-10902
2020-01-10 21:28:04
CVE-2019-9506
2020-01-07 15:44:45
veracode
veracode
Use-after-Free
2019-10-16 00:21:14
Privilege Escalation
2019-05-16 03:18:35
Buffer Overflows
2019-09-04 00:09:42
ubuntucve
ubuntucve
CVE-2018-20856
2019-07-26 00:00:00
CVE-2018-10902
2018-08-21 00:00:00
CVE-2019-11810
2019-05-07 00:00:00
prion
prion
Design/Logic Flaw
2019-07-26 05:15:00
Double free
2018-08-21 19:29:00
Code injection
2019-08-14 17:15:00
cve
cve
CVE-2018-20856
2019-07-26 05:15:00
CVE-2018-10902
2018-08-21 19:29:00
CVE-2019-9506
2019-08-14 17:15:00
debiancve
debiancve
CVE-2018-20856
2019-07-26 05:15:00
CVE-2018-10902
2018-08-21 19:29:00
CVE-2019-9506
2019-08-14 17:15:00
mscve
mscve
Encryption Key Negotiation of Bluetooth Vulnerability
2019-08-13 07:00:00
Microsoft HoloLens Remote Code Execution Vulnerabilities
2019-06-11 07:00:00
cert
cert
Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks
2019-08-14 00:00:00
Broadcom WiFi chipset drivers contain multiple vulnerabilities
2019-04-17 00:00:00
githubexploit
githubexploit
Exploit for Use of a Broken or Risky Cryptographic Algorithm in Google Android
2019-08-15 11:54:21
ibm
ibm
Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability
2019-11-12 15:47:16
Security Bulletin: Publicly disclosed vulnerabilities from Kernel affect IBM Netezza Host Management
2020-07-15 08:01:34
fedora
fedora
[SECURITY] Fedora 29 Update: kernel-tools-5.0.9-200.fc29
2019-04-25 01:37:09
[SECURITY] Fedora 28 Update: kernel-headers-5.0.9-100.fc28
2019-04-25 23:25:02
[SECURITY] Fedora 30 Update: kernel-tools-5.0.9-300.fc30
2019-04-25 19:34:50
zdi
zdi
Linux Kernel MIDI Race Condition Privilege Escalation Vulnerability
2018-08-30 00:00:00
symantec
symantec
Microsoft Windows Bluetooth CVE-2019-9506 Remote Security Vulnerability
2019-08-13 00:00:00
hp
hp
HPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability
2019-12-04 00:00:00
thn
thn
New Bluetooth Vulnerability Lets Attackers Spy On Encrypted Connections
2019-08-14 16:47:00
cisco
cisco
Key Negotiation of Bluetooth Vulnerability
2019-08-13 17:00:00
huawei
huawei
Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability
2019-08-28 00:00:00
malwarebytes
malwarebytes
Bluetooth vulnerability can be exploited in Key Negotiation of Bluetooth (KNOB) attacks
2019-08-21 15:56:45
fortinet
fortinet
CVE-2019-9506 Encryption Key Negotiation of Bluetooth (KNOB) Vulnerability
2020-04-23 00:00:00
virtuozzo
virtuozzo
Kernel security update: Virtuozzo ReadyKernel patch 88.1 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0
2019-10-02 00:00:00
Kernel security update: Virtuozzo ReadyKernel patch 88.0 for Virtuozzo 7.0.7
2019-10-01 00:00:00
Important kernel security update: Virtuozzo ReadyKernel patch 89.2 for Virtuozzo 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0
2019-10-16 00:00:00
lenovo
lenovo
Encryption Key Negotiation of Bluetooth Vulnerability - Lenovo Support US
2019-08-13 15:18:05
Encryption Key Negotiation of Bluetooth Vulnerability - Lenovo Support US
2019-08-13 15:18:05
ubuntu
ubuntu
Linux kernel vulnerabilities
2019-06-04 00:00:00
Linux kernel vulnerabilities
2019-06-04 00:00:00
AppArmor update
2019-06-05 00:00:00
threatpost
threatpost
Lenovo Warns of ThinkPad Bugs, One Unpatched
2019-08-14 17:56:01
amazon
amazon
Important: kernel
2018-10-03 02:57:00
suse
suse
Security update for the Linux Kernel (important)
2019-10-10 00:00:00
Security update for the Linux Kernel (important)
2019-10-10 00:00:00
cloudfoundry
cloudfoundry
USN-4008-2: AppArmor update | Cloud Foundry
2019-06-18 00:00:00

8.3 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.3%

JSON
Related for RHSA-2019:3217
nessus70redhat23openvas27centos4f55oraclelinux4redhatcve5veracode5ubuntucve5prion5cve5debiancve5mscve2cert2githubexploit1ibm2fedora7zdi1symantec1hp1thn1cisco1huawei1malwarebytes1fortinet1virtuozzo3lenovo2ubuntu4threatpost1amazon1suse2cloudfoundry1