[RHSA-2020:0027] kpatch-patch security update
Severity
Important
Affected Packages
24
CVEs
2
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security fix(es):
Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821)
kernel: local attacker can trigger multiple use-after-free conditions results in privilege escalation (CVE-2019-15239)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE page(s) listed in the References section.
- ID
- RHSA-2020:0027
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2020:0027
- Published
-
2020-01-06T00:00:00
(4 years ago) - Modified
-
2020-01-06T00:00:00
(4 years ago) - Rights
- Copyright 2020 Red Hat, Inc.
- Other Advisories
-
- ALAS-2019-1293
- ALAS2-2019-1293
- DSA-4497-1
- DSA-4531-1
- ELSA-2019-3517
- ELSA-2019-3979
- ELSA-2019-4256
- ELSA-2019-4799
- ELSA-2019-4800
- ELSA-2019-4808
- ELSA-2019-4810
- ELSA-2019-4820
- FEDORA-2019-021c968423
- FEDORA-2019-057d691fd4
- FEDORA-2019-124a241044
- FEDORA-2019-15e141c6a7
- FEDORA-2019-1689d3fe07
- FEDORA-2019-41e28660ae
- FEDORA-2019-7a3fc17778
- FEDORA-2019-8846a1a5a2
- FEDORA-2019-a570a92d5a
- FEDORA-2020-2a5cdd665c
- FEDORA-2020-c2d89d14d0
- FEDORA-2020-fe00e12580
- openSUSE-SU-2019:2173-1
- openSUSE-SU-2019:2181-1
- openSUSE-SU-2019:2307-1
- openSUSE-SU-2019:2308-1
- RHSA-2019:3309
- RHSA-2019:3517
- RHSA-2019:3978
- RHSA-2019:3979
- RHSA-2019:4256
- SSA:2019-311-01
- SUSE-SU-2019:2412-1
- SUSE-SU-2019:2414-1
- SUSE-SU-2019:2424-1
- SUSE-SU-2019:2648-1
- SUSE-SU-2019:2651-1
- SUSE-SU-2019:2658-1
- SUSE-SU-2019:2706-1
- SUSE-SU-2019:2710-1
- SUSE-SU-2019:2738-1
- SUSE-SU-2019:2756-1
- SUSE-SU-2019:2879-1
- SUSE-SU-2019:2949-1
- SUSE-SU-2019:2950-1
- SUSE-SU-2019:2984-1
- SUSE-SU-2019:3200-1
- SUSE-SU-2019:3215-1
- SUSE-SU-2019:3228-1
- SUSE-SU-2019:3230-1
- SUSE-SU-2019:3249-1
- SUSE-SU-2019:3258-1
- SUSE-SU-2019:3295-1
- SUSE-SU-2020:0093-1
- USN-4157-1
- USN-4157-2
- USN-4162-1
- USN-4162-2
- USN-4163-1
- USN-4163-2
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 1746708 | https://bugzilla.redhat.com/1746708 | |
Bugzilla | 1747353 | https://bugzilla.redhat.com/1747353 | |
RHSA | RHSA-2020:0027 | https://access.redhat.com/errata/RHSA-2020:0027 | |
CVE | CVE-2019-14821 | https://access.redhat.com/security/cve/CVE-2019-14821 | |
CVE | CVE-2019-15239 | https://access.redhat.com/security/cve/CVE-2019-15239 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/kpatch-patch-3_10_0-1062_4_3?arch=x86_64&distro=redhat-7 | redhat | kpatch-patch-3_10_0-1062_4_3 | < 1-3.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-3_10_0-1062_4_3?arch=ppc64le&distro=redhat-7 | redhat | kpatch-patch-3_10_0-1062_4_3 | < 1-3.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kpatch-patch-3_10_0-1062_4_2?arch=x86_64&distro=redhat-7 | redhat | kpatch-patch-3_10_0-1062_4_2 | < 1-3.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-3_10_0-1062_4_2?arch=ppc64le&distro=redhat-7 | redhat | kpatch-patch-3_10_0-1062_4_2 | < 1-3.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kpatch-patch-3_10_0-1062_4_1?arch=x86_64&distro=redhat-7 | redhat | kpatch-patch-3_10_0-1062_4_1 | < 1-6.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-3_10_0-1062_4_1?arch=ppc64le&distro=redhat-7 | redhat | kpatch-patch-3_10_0-1062_4_1 | < 1-6.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kpatch-patch-3_10_0-1062_1_2?arch=x86_64&distro=redhat-7 | redhat | kpatch-patch-3_10_0-1062_1_2 | < 1-9.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-3_10_0-1062_1_2?arch=ppc64le&distro=redhat-7 | redhat | kpatch-patch-3_10_0-1062_1_2 | < 1-9.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kpatch-patch-3_10_0-1062_1_1?arch=x86_64&distro=redhat-7 | redhat | kpatch-patch-3_10_0-1062_1_1 | < 1-10.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-3_10_0-1062_1_1?arch=ppc64le&distro=redhat-7 | redhat | kpatch-patch-3_10_0-1062_1_1 | < 1-10.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kpatch-patch-3_10_0-1062?arch=x86_64&distro=redhat-7 | redhat | kpatch-patch-3_10_0-1062 | < 1-11.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kpatch-patch-3_10_0-1062?arch=ppc64le&distro=redhat-7 | redhat | kpatch-patch-3_10_0-1062 | < 1-11.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-7 | redhat | kernel | < 3.10.0-1062.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-7 | redhat | kernel | < 3.10.0-1062.4.1.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-7 | redhat | kernel | < 3.10.0-1062.1.2.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-7 | redhat | kernel | < 3.10.0-1062.1.1.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-7 | redhat | kernel | < 3.10.0-1062.4.2.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=x86_64&distro=redhat-7 | redhat | kernel | < 3.10.0-1062.4.3.el7 | redhat-7 | x86_64 | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-7 | redhat | kernel | < 3.10.0-1062.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-7 | redhat | kernel | < 3.10.0-1062.4.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-7 | redhat | kernel | < 3.10.0-1062.1.2.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-7 | redhat | kernel | < 3.10.0-1062.1.1.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-7 | redhat | kernel | < 3.10.0-1062.4.2.el7 | redhat-7 | ppc64le | |
Affected | pkg:rpm/redhat/kernel?arch=ppc64le&distro=redhat-7 | redhat | kernel | < 3.10.0-1062.4.3.el7 | redhat-7 | ppc64le |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |