169 lines
6.6 KiB
JSON
169 lines
6.6 KiB
JSON
{
|
|
"Definition": [
|
|
{
|
|
"ID": "oval:org.altlinux.errata:def:20182196",
|
|
"Version": "oval:org.altlinux.errata:def:20182196",
|
|
"Class": "patch",
|
|
"Metadata": {
|
|
"Title": "ALT-PU-2018-2196: package `kernel-image-std-pae` update to version 4.4.150-alt1.1",
|
|
"AffectedList": [
|
|
{
|
|
"Family": "unix",
|
|
"Platforms": [
|
|
"ALT Linux branch p9"
|
|
],
|
|
"Products": [
|
|
"ALT Server",
|
|
"ALT Virtualization Server",
|
|
"ALT Workstation",
|
|
"ALT Workstation K",
|
|
"ALT Education",
|
|
"Simply Linux",
|
|
"Starterkit"
|
|
]
|
|
}
|
|
],
|
|
"References": [
|
|
{
|
|
"RefID": "ALT-PU-2018-2196",
|
|
"RefURL": "https://errata.altlinux.org/ALT-PU-2018-2196",
|
|
"Source": "ALTPU"
|
|
},
|
|
{
|
|
"RefID": "BDU:2019-03460",
|
|
"RefURL": "https://bdu.fstec.ru/vul/2019-03460",
|
|
"Source": "BDU"
|
|
},
|
|
{
|
|
"RefID": "CVE-2018-9363",
|
|
"RefURL": "https://nvd.nist.gov/vuln/detail/CVE-2018-9363",
|
|
"Source": "CVE"
|
|
}
|
|
],
|
|
"Description": "This update upgrades kernel-image-std-pae to version 4.4.150-alt1.1. \nSecurity Fix(es):\n\n * BDU:2019-03460: Уязвимость функции hidp_process_report компонента bluetooth ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации\n\n * CVE-2018-9363: In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.",
|
|
"Advisory": {
|
|
"From": "errata.altlinux.org",
|
|
"Severity": "High",
|
|
"Rights": "Copyright 2024 BaseALT Ltd.",
|
|
"Issued": {
|
|
"Date": "2018-08-22"
|
|
},
|
|
"Updated": {
|
|
"Date": "2018-08-22"
|
|
},
|
|
"BDUs": [
|
|
{
|
|
"ID": "BDU:2019-03460",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
|
"CVSS3": "AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-190, CWE-787",
|
|
"Href": "https://bdu.fstec.ru/vul/2019-03460",
|
|
"Impact": "High",
|
|
"Public": "20181031"
|
|
}
|
|
],
|
|
"CVEs": [
|
|
{
|
|
"ID": "CVE-2018-9363",
|
|
"CVSS": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
|
|
"CVSS3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"CWE": "CWE-787",
|
|
"Href": "https://nvd.nist.gov/vuln/detail/CVE-2018-9363",
|
|
"Impact": "High",
|
|
"Public": "20181106"
|
|
}
|
|
],
|
|
"AffectedCPEs": {
|
|
"CPEs": [
|
|
"cpe:/o:alt:kworkstation:9",
|
|
"cpe:/o:alt:workstation:9",
|
|
"cpe:/o:alt:server:9",
|
|
"cpe:/o:alt:server-v:9",
|
|
"cpe:/o:alt:education:9",
|
|
"cpe:/o:alt:slinux:9",
|
|
"cpe:/o:alt:starterkit:p9",
|
|
"cpe:/o:alt:kworkstation:9.1",
|
|
"cpe:/o:alt:workstation:9.1",
|
|
"cpe:/o:alt:server:9.1",
|
|
"cpe:/o:alt:server-v:9.1",
|
|
"cpe:/o:alt:education:9.1",
|
|
"cpe:/o:alt:slinux:9.1",
|
|
"cpe:/o:alt:starterkit:9.1",
|
|
"cpe:/o:alt:kworkstation:9.2",
|
|
"cpe:/o:alt:workstation:9.2",
|
|
"cpe:/o:alt:server:9.2",
|
|
"cpe:/o:alt:server-v:9.2",
|
|
"cpe:/o:alt:education:9.2",
|
|
"cpe:/o:alt:slinux:9.2",
|
|
"cpe:/o:alt:starterkit:9.2"
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"Criteria": {
|
|
"Operator": "AND",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:1001",
|
|
"Comment": "ALT Linux must be installed"
|
|
}
|
|
],
|
|
"Criterias": [
|
|
{
|
|
"Operator": "OR",
|
|
"Criterions": [
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20182196001",
|
|
"Comment": "kernel-headers-modules-std-pae is earlier than 1:4.4.150-alt1.1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20182196002",
|
|
"Comment": "kernel-headers-std-pae is earlier than 1:4.4.150-alt1.1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20182196003",
|
|
"Comment": "kernel-image-domU-std-pae is earlier than 1:4.4.150-alt1.1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20182196004",
|
|
"Comment": "kernel-image-std-pae is earlier than 1:4.4.150-alt1.1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20182196005",
|
|
"Comment": "kernel-modules-drm-ancient-std-pae is earlier than 1:4.4.150-alt1.1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20182196006",
|
|
"Comment": "kernel-modules-drm-nouveau-std-pae is earlier than 1:4.4.150-alt1.1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20182196007",
|
|
"Comment": "kernel-modules-drm-radeon-std-pae is earlier than 1:4.4.150-alt1.1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20182196008",
|
|
"Comment": "kernel-modules-drm-std-pae is earlier than 1:4.4.150-alt1.1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20182196009",
|
|
"Comment": "kernel-modules-ide-std-pae is earlier than 1:4.4.150-alt1.1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20182196010",
|
|
"Comment": "kernel-modules-kvm-std-pae is earlier than 1:4.4.150-alt1.1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20182196011",
|
|
"Comment": "kernel-modules-staging-std-pae is earlier than 1:4.4.150-alt1.1"
|
|
},
|
|
{
|
|
"TestRef": "oval:org.altlinux.errata:tst:20182196012",
|
|
"Comment": "kernel-modules-v4l-std-pae is earlier than 1:4.4.150-alt1.1"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
} |