What is the severity of RHSA-2019:2854?

The severity of RHSA-2019:2854 is classified as important.

How do I fix RHSA-2019:2854?

To fix RHSA-2019:2854, you need to update the kpatch-patch package to a version that addresses the vulnerability.

What systems are affected by RHSA-2019:2854?

The systems affected by RHSA-2019:2854 are those running the specified versions of the kpatch-patch package.

What type of vulnerability is associated with RHSA-2019:2854?

RHSA-2019:2854 is associated with a buffer overflow flaw in the Linux kernel's vhost functionality.

Is there a specific version of kpatch-patch required to resolve RHSA-2019:2854?

Yes, the remedial versions of kpatch-patch specified in the advisory must be installed to resolve RHSA-2019:2854.

Vulnerability/
RHSA-2019:2854

CWE

119

21/9/2019

RHSA-2019:2854: Important: kpatch-patch security update

First published: Sat Sep 21 2019(Updated: )

This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel.<br>Security Fix(es):<br><li> A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/kpatch-patch	<3_10_0-1062-1-1.el7	3_10_0-1062-1-1.el7
redhat/kpatch-patch	<3_10_0-1062_1_1-1-1.el7	3_10_0-1062_1_1-1-1.el7
redhat/kpatch-patch	<3_10_0-1062-1-1.el7	3_10_0-1062-1-1.el7
redhat/kpatch-patch	<3_10_0-1062-debuginfo-1-1.el7	3_10_0-1062-debuginfo-1-1.el7
redhat/kpatch-patch	<3_10_0-1062_1_1-1-1.el7	3_10_0-1062_1_1-1-1.el7
redhat/kpatch-patch	<3_10_0-1062_1_1-debuginfo-1-1.el7	3_10_0-1062_1_1-debuginfo-1-1.el7
redhat/kpatch-patch	<3_10_0-1062-1-1.el7	3_10_0-1062-1-1.el7
redhat/kpatch-patch	<3_10_0-1062-debuginfo-1-1.el7	3_10_0-1062-debuginfo-1-1.el7
redhat/kpatch-patch	<3_10_0-1062_1_1-1-1.el7	3_10_0-1062_1_1-1-1.el7
redhat/kpatch-patch	<3_10_0-1062_1_1-debuginfo-1-1.el7	3_10_0-1062_1_1-debuginfo-1-1.el7

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2019:2854?
The severity of RHSA-2019:2854 is classified as important.
How do I fix RHSA-2019:2854?
To fix RHSA-2019:2854, you need to update the kpatch-patch package to a version that addresses the vulnerability.
What systems are affected by RHSA-2019:2854?
The systems affected by RHSA-2019:2854 are those running the specified versions of the kpatch-patch package.
What type of vulnerability is associated with RHSA-2019:2854?
RHSA-2019:2854 is associated with a buffer overflow flaw in the Linux kernel's vhost functionality.
Is there a specific version of kpatch-patch required to resolve RHSA-2019:2854?
Yes, the remedial versions of kpatch-patch specified in the advisory must be installed to resolve RHSA-2019:2854.

agent/references
agent/severity
agent/type
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/remedy
agent/title
agent/weakness
agent/description
agent/event
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2019:2854
agent/software-canonical-lookup
agent/trending
agent/tags
agent/source
package-manager/redhat