SB20200407136 - Red Hat Enterprise Linux 8 update for kernel

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB20200407136

SB20200407136 - Red Hat Enterprise Linux 8 update for kernel

Published: April 7, 2020

Security Bulletin ID SB20200407136
Severity
Low
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Local access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2019-15030)

The vulnerability allows a local authenticated user to #BASIC_IMPACT#.

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.


2) Information disclosure (CVE-ID: CVE-2019-15031)

The vulnerability allows a local authenticated user to #BASIC_IMPACT#.

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.


3) Information disclosure (CVE-ID: CVE-2019-18660)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to absent protection in Linux kernel on powerpc against the Spectre-RSB, related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c. A local user can gain unauthorized access to sensitive information on the system.


4) Use-after-free (CVE-ID: CVE-2019-19527)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to use-after-free error in the drivers/hid/usbhid/hiddev.c driver. A local user can use a malicious USB device to trigger use-after-free error and execute arbitrary code on the system with elevated privileges.


Remediation

Install update from vendor's website.

References