vuln-list-alt/oval/c10f1/ALT-PU-2019-3128/definitions.json
2024-12-12 21:07:30 +00:00



{
"Definition": [
{
"ID": "oval:org.altlinux.errata:def:20193128",
"Version": "oval:org.altlinux.errata:def:20193128",
"Class": "patch",
"Metadata": {
"Title": "ALT-PU-2019-3128: package `kernel-image-std-def` update to version 4.19.84-alt1",
"AffectedList": [
{
"Family": "unix",
"Platforms": [
"ALT Linux branch c10f1"
],
"Products": [
"ALT SP Workstation",
"ALT SP Server"
]
}
],
"References": [
{
"RefID": "ALT-PU-2019-3128",
"RefURL": "https://errata.altlinux.org/ALT-PU-2019-3128",
"Source": "ALTPU"
},
{
"RefID": "BDU:2019-02194",
"RefURL": "https://bdu.fstec.ru/vul/2019-02194",
"Source": "BDU"
},
{
"RefID": "BDU:2019-02195",
"RefURL": "https://bdu.fstec.ru/vul/2019-02195",
"Source": "BDU"
},
{
"RefID": "BDU:2019-02196",
"RefURL": "https://bdu.fstec.ru/vul/2019-02196",
"Source": "BDU"
},
{
"RefID": "BDU:2019-03812",
"RefURL": "https://bdu.fstec.ru/vul/2019-03812",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04518",
"RefURL": "https://bdu.fstec.ru/vul/2019-04518",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04661",
"RefURL": "https://bdu.fstec.ru/vul/2019-04661",
"Source": "BDU"
},
{
"RefID": "BDU:2019-04829",
"RefURL": "https://bdu.fstec.ru/vul/2019-04829",
"Source": "BDU"
},
{
"RefID": "BDU:2020-00347",
"RefURL": "https://bdu.fstec.ru/vul/2020-00347",
"Source": "BDU"
},
{
"RefID": "BDU:2020-02161",
"RefURL": "https://bdu.fstec.ru/vul/2020-02161",
"Source": "BDU"
},
{
"RefID": "CVE-2019-11477",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11477",
"Source": "CVE"
},
{
"RefID": "CVE-2019-11478",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11478",
"Source": "CVE"
},
{
"RefID": "CVE-2019-11479",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-11479",
"Source": "CVE"
},
{
"RefID": "CVE-2019-17666",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-17666",
"Source": "CVE"
},
{
"RefID": "CVE-2019-18813",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-18813",
"Source": "CVE"
},
{
"RefID": "CVE-2019-19048",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-19048",
"Source": "CVE"
},
{
"RefID": "CVE-2019-19052",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-19052",
"Source": "CVE"
},
{
"RefID": "CVE-2019-19060",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-19060",
"Source": "CVE"
},
{
"RefID": "CVE-2019-19770",
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2019-19770",
"Source": "CVE"
}
],
"Description": "This update upgrades kernel-image-std-def to version 4.19.84-alt1. \nSecurity Fix(es):\n\n * BDU:2019-02194: Уязвимость механизма TCP Selective Acknowledgement ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-02195: Уязвимость механизма TCP Selective Acknowledgement ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-02196: Уязвимость ядра операционной системы Linux, вызванная ошибками при обработке сегментов минимального размера, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-03812: Уязвимость функции rtl_p2p_noa_ie из drivers/net/wireless/realtek/rtlwifi/ps.c ядра операционной системы Linux, связанная с переполнением буфера в памяти, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании\n\n * BDU:2019-04518: Уязвимость функции dwc3_pci_probe() (drivers/usb/dwc3/dwc3-pci.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04661: Уязвимость функции gs_can_open() (drivers/net/can/usb/gs_usb.c) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2019-04829: Уязвимость функции adis_update_scan_mode() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * BDU:2020-00347: Уязвимость функции debugfs_remove ядра операционной системы Linux, связанная с использованием области памяти после её освобождения, позволяющая нарушителю получить доступ к конфиденциальным данным, а также вызвать отказ в обслуживании\n\n * BDU:2020-02161: Уязвимость функции «crypto_reportstat()» в ядре операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании\n\n * CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)-\u003etcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective 
Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.\n\n * CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e.\n\n * CVE-2019-11479: Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commits 967c05aee439e6e5d7d805e195b3a20ef5c433d6 and 5f3e2bf008c2221478101ee72f5cb4654b9fc363.\n\n * CVE-2019-17666: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.\n\n * CVE-2019-18813: A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering platform_device_add_properties() failures, aka CID-9bbfceea12a8.\n\n * CVE-2019-19048: A memory leak in the crypto_reportstat() function in drivers/virt/vboxguest/vboxguest_utils.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering copy_form_user() failures, aka CID-e0b0cb938864.\n\n * CVE-2019-19052: A memory leak in the gs_can_open() function in 
drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.\n\n * CVE-2019-19060: A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.\n\n * CVE-2019-19770: In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file). NOTE: Linux kernel developers dispute this issue as not being an issue with debugfs, instead this is an issue with misuse of debugfs within blktrace",
"Advisory": {
"From": "errata.altlinux.org",
"Severity": "High",
"Rights": "Copyright 2024 BaseALT Ltd.",
"Issued": {
"Date": "2019-11-13"
},
"Updated": {
"Date": "2019-11-13"
},
"BDUs": [
{
"ID": "BDU:2019-02194",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-190, CWE-680",
"Href": "https://bdu.fstec.ru/vul/2019-02194",
"Impact": "High",
"Public": "20190615"
},
{
"ID": "BDU:2019-02195",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400, CWE-770",
"Href": "https://bdu.fstec.ru/vul/2019-02195",
"Impact": "High",
"Public": "20190615"
},
{
"ID": "BDU:2019-02196",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400, CWE-405, CWE-770",
"Href": "https://bdu.fstec.ru/vul/2019-02196",
"Impact": "High",
"Public": "20190615"
},
{
"ID": "BDU:2019-03812",
"CVSS": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-120",
"Href": "https://bdu.fstec.ru/vul/2019-03812",
"Impact": "High",
"Public": "20191015"
},
{
"ID": "BDU:2019-04518",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400, CWE-401",
"Href": "https://bdu.fstec.ru/vul/2019-04518",
"Impact": "High",
"Public": "20191027"
},
{
"ID": "BDU:2019-04661",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400, CWE-401",
"Href": "https://bdu.fstec.ru/vul/2019-04661",
"Impact": "High",
"Public": "20191104"
},
{
"ID": "BDU:2019-04829",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400, CWE-401",
"Href": "https://bdu.fstec.ru/vul/2019-04829",
"Impact": "High",
"Public": "20191009"
},
{
"ID": "BDU:2020-00347",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://bdu.fstec.ru/vul/2020-00347",
"Impact": "High",
"Public": "20191211"
},
{
"ID": "BDU:2020-02161",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400, CWE-401",
"Href": "https://bdu.fstec.ru/vul/2020-02161",
"Impact": "High",
"Public": "20191010"
}
],
"CVEs": [
{
"ID": "CVE-2019-11477",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-190",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11477",
"Impact": "High",
"Public": "20190619"
},
{
"ID": "CVE-2019-11478",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-400",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11478",
"Impact": "High",
"Public": "20190619"
},
{
"ID": "CVE-2019-11479",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-770",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-11479",
"Impact": "High",
"Public": "20190619"
},
{
"ID": "CVE-2019-17666",
"CVSS": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
"CVSS3": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"CWE": "CWE-120",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-17666",
"Impact": "High",
"Public": "20191017"
},
{
"ID": "CVE-2019-18813",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-401",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-18813",
"Impact": "High",
"Public": "20191107"
},
{
"ID": "CVE-2019-19048",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-401",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-19048",
"Impact": "High",
"Public": "20191118"
},
{
"ID": "CVE-2019-19052",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-401",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-19052",
"Impact": "High",
"Public": "20191118"
},
{
"ID": "CVE-2019-19060",
"CVSS": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"CWE": "CWE-401",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-19060",
"Impact": "High",
"Public": "20191118"
},
{
"ID": "CVE-2019-19770",
"CVSS": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"CVSS3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"CWE": "CWE-416",
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2019-19770",
"Impact": "High",
"Public": "20191212"
}
],
"AffectedCPEs": {
"CPEs": [
"cpe:/o:alt:spworkstation:10",
"cpe:/o:alt:spserver:10"
]
}
}
},
"Criteria": {
"Operator": "AND",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:5001",
"Comment": "ALT Linux must be installed"
}
],
"Criterias": [
{
"Operator": "OR",
"Criterions": [
{
"TestRef": "oval:org.altlinux.errata:tst:20193128001",
"Comment": "kernel-doc-std is earlier than 1:4.19.84-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193128002",
"Comment": "kernel-headers-modules-std-def is earlier than 1:4.19.84-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193128003",
"Comment": "kernel-headers-std-def is earlier than 1:4.19.84-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193128004",
"Comment": "kernel-image-domU-std-def is earlier than 1:4.19.84-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193128005",
"Comment": "kernel-image-std-def is earlier than 1:4.19.84-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193128006",
"Comment": "kernel-modules-drm-ancient-std-def is earlier than 1:4.19.84-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193128007",
"Comment": "kernel-modules-drm-nouveau-std-def is earlier than 1:4.19.84-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193128008",
"Comment": "kernel-modules-drm-radeon-std-def is earlier than 1:4.19.84-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193128009",
"Comment": "kernel-modules-drm-std-def is earlier than 1:4.19.84-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193128010",
"Comment": "kernel-modules-ide-std-def is earlier than 1:4.19.84-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193128011",
"Comment": "kernel-modules-staging-std-def is earlier than 1:4.19.84-alt1"
},
{
"TestRef": "oval:org.altlinux.errata:tst:20193128012",
"Comment": "kernel-modules-v4l-std-def is earlier than 1:4.19.84-alt1"
}
]
}
]
}
}
]
}