Lucene search

Veracode Vulnerability DatabaseVERACODE:16928

HistoryMay 02, 2019 - 5:29 a.m.

Information Disclosure

2019-05-0205:29:38

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

JSON

kernel is vulnerable to information disclosure. It was found that the espfix functionality does not work for 32-bit KVM paravirtualized guests. A local, unprivileged guest user could potentially use this flaw to leak kernel stack addresses.

CPENameOperatorVersion
kerneleq2.6.32__279.5.2.el6
kerneleq2.6.32__358.123.4.openstack.el6
kerneleq2.6.32__279.5.1.el6
kerneleq2.6.32__504.8.1.el6
kerneleq2.6.32__358.6.1.el6
kerneleq2.6.32__358.0.1.el6
kerneleq2.6.32__431.40.2.el6
kerneleq2.6.32__358.111.1.openstack.el6
kerneleq2.6.32__431.el6
kerneleq2.6.32__431.53.2.el6

Name	Operator	Version
kernel	eq	2.6.32__279.5.2.el6
kernel	eq	2.6.32__358.123.4.openstack.el6
kernel	eq	2.6.32__279.5.1.el6
kernel	eq	2.6.32__504.8.1.el6
kernel	eq	2.6.32__358.6.1.el6
kernel	eq	2.6.32__358.0.1.el6
kernel	eq	2.6.32__431.40.2.el6
kernel	eq	2.6.32__358.111.1.openstack.el6
kernel	eq	2.6.32__431.el6
kernel	eq	2.6.32__431.53.2.el6

Rows per page:

1-10 of 1901

References

lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html

lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00009.html

lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html

people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-8134.html

rhn.redhat.com/errata/RHSA-2016-0855.html

secunia.com/advisories/62336

www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

www.securityfocus.com/bid/71650

www.spinics.net/lists/kvm/msg111458.html

access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.8_Release_Notes/index.html

access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.8_Technical_Notes/index.html

access.redhat.com/security/cve/CVE-2016-3841

access.redhat.com/security/updates/classification/#moderate

bugs.launchpad.net/ubuntu/+source/linux/+bug/1400314

bugzilla.novell.com/show_bug.cgi?id=909078

bugzilla.redhat.com/show_bug.cgi?id=1066751

bugzilla.redhat.com/show_bug.cgi?id=1172765

bugzilla.redhat.com/show_bug.cgi?id=1197875

bugzilla.redhat.com/show_bug.cgi?id=1225359

bugzilla.redhat.com/show_bug.cgi?id=1242239

bugzilla.redhat.com/show_bug.cgi?id=1248507

bugzilla.redhat.com/show_bug.cgi?id=1254020

bugzilla.redhat.com/show_bug.cgi?id=1259870

bugzilla.redhat.com/show_bug.cgi?id=1310661

bugzilla.redhat.com/show_bug.cgi?id=697750

bugzilla.redhat.com/show_bug.cgi?id=723722

bugzilla.redhat.com/show_bug.cgi?id=889368

rhn.redhat.com/errata/RHSA-2016-0855.html

support.f5.com/csp/article/K17120

support.f5.com/csp/article/K17120?utm_source=f5support&amp%3Butm_medium=RSS

support.f5.com/csp/article/K17120?utm_source=f5support&utm_medium=RSS

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

JSON

Related for VERACODE:16928