CVE-2019-14835

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835 Issue Tracking Patch
https://www.openwall.com/lists/oss-security/2019/09/17/1 Exploit Mailing List
https://usn.ubuntu.com/4135-2/ Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2828 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2827 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2830 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2829 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2854 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2863 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2862 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2865 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2864 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2866 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2867 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2869 Third Party Advisory
http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html Third Party Advisory VDB Entry
http://www.openwall.com/lists/oss-security/2019/09/24/1 Mailing List
https://access.redhat.com/errata/RHSA-2019:2889 Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html Mailing List Third Party Advisory
https://seclists.org/bugtraq/2019/Sep/41 Issue Tracking Mailing List
https://www.debian.org/security/2019/dsa-4531 Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html Mailing List Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2900 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2901 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2899 Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:2924 Third Party Advisory
https://usn.ubuntu.com/4135-1/ Third Party Advisory
https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/10/03/1 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/10/09/3 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/10/09/7 Mailing List Third Party Advisory
https://access.redhat.com/errata/RHBA-2019:2824 Third Party Advisory
http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html Third Party Advisory VDB Entry
https://security.netapp.com/advisory/ntap-20191031-0005/ Third Party Advisory
https://seclists.org/bugtraq/2019/Nov/11 Issue Tracking Mailing List
http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html Third Party Advisory VDB Entry
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQFY6JYFIQ2VFQ7QCSXPWTUL5ZDNCJL5/
Configurations

Configuration 1

cpe:2.3:o:linux:linux_kernel:5.3:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:_steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*
cpe:2.3:a:huawei:manageone:6.5.0:*:*:*:*:*:*:*
cpe:2.3:a:huawei:imanager_neteco_6000:v600r008c10spc300:*:*:*:*:*:*:*
cpe:2.3:a:huawei:imanager_neteco_6000:v600r008c20:*:*:*:*:*:*:*
cpe:2.3:a:huawei:imanager_neteco:v600r009c00:*:*:*:*:*:*:*
cpe:2.3:a:huawei:imanager_neteco:v600r009c10spc200:*:*:*:*:*:*:*
cpe:2.3:a:huawei:manageone:6.5.0.spc100.b210:*:*:*:*:*:*:*
cpe:2.3:a:huawei:manageone:6.5.1rc1.b060:*:*:*:*:*:*:*
cpe:2.3:a:huawei:manageone:6.5.1rc1.b080:*:*:*:*:*:*:*
cpe:2.3:a:huawei:manageone:6.5.rc2.b050:*:*:*:*:*:*:*

Information

Published : 2019-09-17 04:15

Updated : 2023-02-12 11:35


NVD link : CVE-2019-14835

Mitre link : CVE-2019-14835

Products Affected
CWE