First published: Tue Sep 10 2019(Updated: )
A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
Credit: secalert@redhat.com secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel | <0:2.6.32-754.23.1.el6 | 0:2.6.32-754.23.1.el6 |
redhat/kernel | <0:2.6.32-431.96.2.el6 | 0:2.6.32-431.96.2.el6 |
redhat/kernel | <0:2.6.32-504.81.2.el6 | 0:2.6.32-504.81.2.el6 |
redhat/kernel-rt | <0:3.10.0-1062.1.2.rt56.1025.el7 | 0:3.10.0-1062.1.2.rt56.1025.el7 |
redhat/kernel | <0:3.10.0-1062.1.2.el7 | 0:3.10.0-1062.1.2.el7 |
redhat/kernel-alt | <0:4.14.0-115.13.1.el7a | 0:4.14.0-115.13.1.el7a |
redhat/kernel | <0:3.10.0-327.82.1.el7 | 0:3.10.0-327.82.1.el7 |
redhat/kernel | <0:3.10.0-514.69.1.el7 | 0:3.10.0-514.69.1.el7 |
redhat/kernel | <0:3.10.0-693.59.1.el7 | 0:3.10.0-693.59.1.el7 |
redhat/kernel | <0:3.10.0-862.41.2.el7 | 0:3.10.0-862.41.2.el7 |
redhat/kernel | <0:3.10.0-957.35.2.el7 | 0:3.10.0-957.35.2.el7 |
redhat/kernel-rt | <0:4.18.0-80.11.2.rt9.157.el8_0 | 0:4.18.0-80.11.2.rt9.157.el8_0 |
redhat/kernel | <0:4.18.0-80.11.2.el8_0 | 0:4.18.0-80.11.2.el8_0 |
redhat/redhat-virtualization-host | <0:4.2-20190919.0.el7_6 | 0:4.2-20190919.0.el7_6 |
redhat/redhat-virtualization-host | <0:4.3.5-20190920.0.el7_7 | 0:4.3.5-20190920.0.el7_7 |
Linux Linux kernel | >=2.6.34<3.16.74 | |
Linux Linux kernel | >=4.4<4.4.193 | |
Linux Linux kernel | >=4.9<4.9.193 | |
Linux Linux kernel | >=4.14<4.14.144 | |
Linux Linux kernel | >=4.19<4.19.73 | |
Linux Linux kernel | >=5.2<5.2.15 | |
Linux Linux kernel | =5.3 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
Canonical Ubuntu Linux | =19.04 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
Fedoraproject Fedora | =29 | |
Fedoraproject Fedora | =30 | |
openSUSE Leap | =15.0 | |
openSUSE Leap | =15.1 | |
Netapp Aff A700s Firmware | ||
NetApp AFF A700s | ||
Netapp H410c Firmware | ||
Netapp H410c | ||
Netapp H610s Firmware | ||
Netapp H610s | ||
Netapp H300s Firmware | ||
Netapp H300s | ||
Netapp H500s Firmware | ||
Netapp H500s | ||
Netapp H700s Firmware | ||
Netapp H700s | ||
Netapp H300e Firmware | ||
Netapp H300e | ||
Netapp H500e Firmware | ||
Netapp H500e | ||
Netapp H700e Firmware | ||
Netapp H700e | ||
Netapp H410s Firmware | ||
Netapp H410s | ||
Netapp Steelstore Cloud Integrated Storage | ||
Netapp Data Availability Services | ||
Netapp Hci Management Node | ||
NetApp Service Processor | ||
Netapp Solidfire | ||
Redhat Openshift Container Platform | =3.11 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux Desktop | =6.0 | |
Redhat Enterprise Linux Desktop | =7.0 | |
Redhat Enterprise Linux Eus | =7.5 | |
Redhat Enterprise Linux Eus | =7.6 | |
Redhat Enterprise Linux Eus | =7.7 | |
Redhat Enterprise Linux For Real Time | =7 | |
Redhat Enterprise Linux For Real Time | =8 | |
Redhat Enterprise Linux Server | =6.0 | |
Redhat Enterprise Linux Server | =7.0 | |
Redhat Enterprise Linux Server | =7.6 | |
Redhat Enterprise Linux Server Aus | =6.5 | |
Redhat Enterprise Linux Server Aus | =6.6 | |
Redhat Enterprise Linux Server Aus | =7.2 | |
Redhat Enterprise Linux Server Aus | =7.3 | |
Redhat Enterprise Linux Server Aus | =7.4 | |
Redhat Enterprise Linux Server Aus | =7.6 | |
Redhat Enterprise Linux Server Aus | =7.7 | |
Redhat Enterprise Linux Server Tus | =7.2 | |
Redhat Enterprise Linux Server Tus | =7.3 | |
Redhat Enterprise Linux Server Tus | =7.4 | |
Redhat Enterprise Linux Server Tus | =7.6 | |
Redhat Enterprise Linux Server Tus | =7.7 | |
Redhat Enterprise Linux Workstation | =6.0 | |
Redhat Enterprise Linux Workstation | =7.0 | |
Redhat Virtualization | =4.0 | |
Redhat Virtualization Host | =4.0 | |
Redhat Enterprise Linux | =7.0 | |
Huawei Imanager Neteco | =v600r009c00 | |
Huawei Imanager Neteco | =v600r009c10spc200 | |
Huawei Imanager Neteco 6000 | =v600r008c10spc300 | |
Huawei Imanager Neteco 6000 | =v600r008c20 | |
Huawei ManageOne | =6.5.0 | |
Huawei ManageOne | =6.5.0.spc100.b210 | |
Huawei ManageOne | =6.5.1rc1.b060 | |
Huawei ManageOne | =6.5.1rc1.b080 | |
Huawei ManageOne | =6.5.rc2.b050 | |
All of | ||
Netapp Aff A700s Firmware | ||
NetApp AFF A700s | ||
All of | ||
Netapp H410c Firmware | ||
Netapp H410c | ||
All of | ||
Netapp H610s Firmware | ||
Netapp H610s | ||
All of | ||
Netapp H300s Firmware | ||
Netapp H300s | ||
All of | ||
Netapp H500s Firmware | ||
Netapp H500s | ||
All of | ||
Netapp H700s Firmware | ||
Netapp H700s | ||
All of | ||
Netapp H300e Firmware | ||
Netapp H300e | ||
All of | ||
Netapp H500e Firmware | ||
Netapp H500e | ||
All of | ||
Netapp H700e Firmware | ||
Netapp H700e | ||
All of | ||
Netapp H410s Firmware | ||
Netapp H410s | ||
Netapp Steelstore Cloud Integrated Storage | ||
All of | ||
Any of | ||
Redhat Virtualization | =4.0 | |
Redhat Virtualization Host | =4.0 | |
Redhat Enterprise Linux | =7.0 | |
debian/linux | 5.10.223-1 6.1.106-3 6.1.99-1 6.10.9-1 |
For mitigation related information, please refer to the Red Hat Knowledgebase article: https://access.redhat.com/security/vulnerabilities/kernel-vhost
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
CVE-2019-14835 is a buffer overflow vulnerability found in the Linux kernel's vhost functionality.
CVE-2019-14835 allows privileged guest users to exploit a buffer overflow flaw in the vhost functionality of the Linux kernel.
CVE-2019-14835 has a severity level of high.
To fix CVE-2019-14835, it is recommended to update your Linux kernel to a version that includes the patch for the vulnerability.
You can find more information about CVE-2019-14835 on the official Red Hat Security Advisory and the Git repository for the Linux kernel.