2019-10-11 21:01:50 |
Bruce Jones |
bug |
|
|
added bug |
2019-10-11 21:02:24 |
Bruce Jones |
tags |
|
stx.security |
|
2019-10-11 22:51:52 |
Bruce Jones |
bug |
|
|
added subscriber Ghada Khalil |
2019-10-11 22:52:12 |
Bruce Jones |
bug |
|
|
added subscriber Bill Zvonar |
2019-10-11 22:52:20 |
Bruce Jones |
bug |
|
|
added subscriber Brent Rowsell |
2019-10-11 22:52:35 |
Bruce Jones |
bug |
|
|
added subscriber Cindy Xie |
2019-10-12 00:08:15 |
Cindy Xie |
bug |
|
|
added subscriber zhao.shuai |
2019-10-12 00:08:34 |
Cindy Xie |
bug |
|
|
added subscriber haitao wang |
2019-10-12 00:08:45 |
Cindy Xie |
bug |
|
|
added subscriber Lin Shuicheng |
2019-10-16 17:50:08 |
Ghada Khalil |
cve linked |
|
2019-14835 |
|
2019-10-18 18:44:24 |
Ghada Khalil |
description |
Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C) (V2 legend) [1]
Description : A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
This CVE does not match our policy since the Attack Vector (AV)* = Local instead of Network
However I might recommend to apply the patch since it is already in upstream [3] and fix approved by RHEL[2]
[1] https://nvd.nist.gov/vuln/detail/CVE-2019-14835
[2] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
[3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=060423bfdee3f8bc6e2c1bac97de24d5415e2bc4 |
Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C) (V2 legend) [1]
Description : A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
From Victor Rodriguez:
This CVE does not match our policy since the Attack Vector (AV)* = Local instead of Network
However I might recommend to apply the patch since it is already in upstream [3] and fix approved by RHEL[2]
[1] https://nvd.nist.gov/vuln/detail/CVE-2019-14835
[2] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
[3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=060423bfdee3f8bc6e2c1bac97de24d5415e2bc4 |
|
2019-10-21 14:22:59 |
Ghada Khalil |
bug |
|
|
added subscriber Victor Manuel Rodriguez Bahena |
2019-10-21 14:36:47 |
Ghada Khalil |
description |
Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C) (V2 legend) [1]
Description : A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
From Victor Rodriguez:
This CVE does not match our policy since the Attack Vector (AV)* = Local instead of Network
However I might recommend to apply the patch since it is already in upstream [3] and fix approved by RHEL[2]
[1] https://nvd.nist.gov/vuln/detail/CVE-2019-14835
[2] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
[3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=060423bfdee3f8bc6e2c1bac97de24d5415e2bc4 |
Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C) (V2 legend) [1]
Description : A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
From Victor Rodriguez:
This CVE does not match the StarlingX policy since the Attack Vector (AV)* = Local instead of Network. However I might recommend to apply the patch since it is already in upstream [3] and fix approved by RHEL[2]
[1] https://nvd.nist.gov/vuln/detail/CVE-2019-14835
[2] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
[3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=060423bfdee3f8bc6e2c1bac97de24d5415e2bc4 |
|
2019-10-21 14:45:57 |
Ghada Khalil |
summary |
CVE-2019-14835 |
CVE-2019-14835: kernel: vhost-net: guest to host kernel escape during migration |
|
2019-10-21 20:18:32 |
Bruce Jones |
starlingx: importance |
Undecided |
High |
|
2019-10-21 20:18:39 |
Bruce Jones |
tags |
stx.security |
stx.3.0 stx.security |
|
2019-10-21 20:19:04 |
Bruce Jones |
tags |
stx.3.0 stx.security |
stx.security |
|
2019-10-21 20:19:07 |
Bruce Jones |
starlingx: importance |
High |
Medium |
|
2019-10-21 22:08:31 |
Ghada Khalil |
removed subscriber Victor Manuel Rodriguez Bahena |
|
|
|
2019-10-21 22:08:44 |
Ghada Khalil |
bug |
|
|
added subscriber Victor Manuel Rodriguez Bahena |
2019-10-21 23:00:25 |
Ghada Khalil |
starlingx: status |
New |
Triaged |
|
2019-10-21 23:00:36 |
Ghada Khalil |
tags |
stx.security |
stx.3.0 stx.security |
|
2019-10-22 04:42:18 |
Cindy Xie |
starlingx: assignee |
|
Cindy Xie (xxie1) |
|
2019-10-22 18:41:41 |
Bill Zvonar |
removed subscriber Bill Zvonar |
|
|
|
2019-10-23 03:08:44 |
Cindy Xie |
bug |
|
|
added subscriber Robin Lu |
2019-11-04 22:44:20 |
Ghada Khalil |
bug |
|
|
added subscriber Jim Somerville |
2019-11-12 23:34:12 |
Ghada Khalil |
bug |
|
|
added subscriber Bill Zvonar |
2019-11-18 05:17:23 |
Robin Lu |
starlingx: assignee |
Cindy Xie (xxie1) |
Robin Lu (robinlu) |
|
2019-11-22 18:59:03 |
Ghada Khalil |
information type |
Private Security |
Public Security |
|
2019-11-25 01:41:04 |
OpenStack Infra |
starlingx: status |
Triaged |
In Progress |
|
2019-12-06 14:29:51 |
Ghada Khalil |
removed subscriber Bill Zvonar |
|
|
|
2019-12-06 14:31:05 |
Ghada Khalil |
bug |
|
|
added subscriber Daniel Badea |
2019-12-17 22:41:18 |
Ghada Khalil |
starlingx: importance |
Medium |
High |
|
2020-01-02 06:00:28 |
OpenStack Infra |
starlingx: status |
In Progress |
Fix Released |
|
2020-01-02 06:00:30 |
OpenStack Infra |
cve linked |
|
2019-11810 |
|
2020-01-02 06:00:30 |
OpenStack Infra |
cve linked |
|
2019-11811 |
|
2020-01-21 13:58:35 |
Ghada Khalil |
tags |
stx.3.0 stx.security |
in-r-stx20 in-r-stx30 stx.3.0 stx.security |
|
2020-02-06 21:32:08 |
OpenStack Infra |
tags |
in-r-stx20 in-r-stx30 stx.3.0 stx.security |
in-f-centos8 in-r-stx20 in-r-stx30 stx.3.0 stx.security |
|
2020-05-30 17:47:02 |
Ghada Khalil |
cve unlinked |
2019-11810 |
|
|
2020-05-30 17:47:09 |
Ghada Khalil |
cve unlinked |
2019-11811 |
|
|