Red Hat Enterprise Linux 7 update for kernel

1) Resource management error

EUVDB-ID: #VU19387

Risk: Medium

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-13648

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local attacker to perform a denial of service (DoS) attack.

The vulnerability exists in the "arch/powerpc/kernel/signal_32.c" and "arch/powerpc/kernel/signal_64.c" files on the PowerPC platform, when hardware transactional memory is disabled. A local authenticated attacker can make a "sigreturn()" system call that sends a signal frame that sends a signal frame that submits malicious input to the targeted system and cause a denial of service condition.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

kernel (Red Hat package): 3.10.0-123.1.2.el7 - 3.10.0-1062.21.1.el7

Red Hat Enterprise Linux for x86_64 - Extended Update Support: 7.7

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 7.7

Red Hat Enterprise Linux Server - TUS: 7.7

CPE2.3

• cpe:2.3:o:red_hat:kernel_redhat_package:3.10.0-327.89.1.el7:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:kernel_redhat_package:3.10.0-514.78.1.el7:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:kernel_redhat_package:3.10.0-693.69.1.el7:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_x86_64_-_extended_update_support:7.7:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_server_-_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_server_-_tus:7.7:*:*:*:*:red_hat_enterprise_linux:*:

External links

http://access.redhat.com/errata/RHSA-2020:3019

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper Handling of Exceptional Conditions

EUVDB-ID: #VU28159

Risk: Low

CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-12888

CWE-ID: N/A

Exploit availability: No

Description

The vulnerability allows a local user to perform a deinal of service (DoS) attack.

The vulnerability exists due to the VFIO PCI driver mishandles attempts to access disabled memory space. A local user can cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

kernel (Red Hat package): 3.10.0-123.1.2.el7 - 3.10.0-1062.21.1.el7

Red Hat Enterprise Linux for x86_64 - Extended Update Support: 7.7

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 7.7

Red Hat Enterprise Linux Server - TUS: 7.7

CPE2.3

• cpe:2.3:o:red_hat:kernel_redhat_package:3.10.0-327.89.1.el7:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:kernel_redhat_package:3.10.0-514.78.1.el7:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:kernel_redhat_package:3.10.0-693.69.1.el7:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_x86_64_-_extended_update_support:7.7:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_server_-_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_server_-_tus:7.7:*:*:*:*:red_hat_enterprise_linux:*:

External links

http://access.redhat.com/errata/RHSA-2020:3019

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU28928

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-0543

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to incomplete cleanup from specific special register read operations in some Intel(R) Processors. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

kernel (Red Hat package): 3.10.0-123.1.2.el7 - 3.10.0-1062.21.1.el7

Red Hat Enterprise Linux for x86_64 - Extended Update Support: 7.7

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions: 7.7

Red Hat Enterprise Linux Server - TUS: 7.7

CPE2.3

• cpe:2.3:o:red_hat:kernel_redhat_package:3.10.0-327.89.1.el7:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:kernel_redhat_package:3.10.0-514.78.1.el7:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:kernel_redhat_package:3.10.0-693.69.1.el7:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_for_x86_64_-_extended_update_support:7.7:*:*:*:*:red_hat_enterprise_linux:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_server_-_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:
• cpe:2.3:o:red_hat:red_hat_enterprise_linux_server_-_tus:7.7:*:*:*:*:red_hat_enterprise_linux:*:

External links

http://access.redhat.com/errata/RHSA-2020:3019

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.