Lucene search

DebianDEBIAN:DLA-1940-1:E2E46

HistoryOct 01, 2019 - 1:56 p.m.

[SECURITY] [DLA 1940-1] linux-4.9 security update

2019-10-0113:56:02

lists.debian.org

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

9.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.4%

JSON

Package : linux-4.9
Version : 4.9.189-3+deb9u1~deb8u1
CVE ID : CVE-2019-14821 CVE-2019-14835 CVE-2019-15117 CVE-2019-15118
CVE-2019-15902

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2019-14821

Matt Delco reported a race condition in KVM&#x27;s coalesced MMIO
facility, which could lead to out-of-bounds access in the kernel.
A local attacker permitted to access /dev/kvm could use this to
cause a denial of service (memory corruption or crash) or possibly
for privilege escalation.

CVE-2019-14835

Peter Pi of Tencent Blade Team discovered a missing bounds check
in vhost_net, the network back-end driver for KVM hosts, leading
to a buffer overflow when the host begins live migration of a VM.
An attacker in control of a VM could use this to cause a denial of
service (memory corruption or crash) or possibly for privilege
escalation on the host.

CVE-2019-15117

Hui Peng and Mathias Payer reported a missing bounds check in the
usb-audio driver&#x27;s descriptor parsing code, leading to a buffer
over-read.  An attacker able to add USB devices could possibly use
this to cause a denial of service (crash).

CVE-2019-15118

Hui Peng and Mathias Payer reported unbounded recursion in the
usb-audio driver&#x27;s descriptor parsing code, leading to a stack
overflow.  An attacker able to add USB devices could use this to
cause a denial of service (memory corruption or crash) or possibly
for privilege escalation.  On the amd64 architecture this is
mitigated by a guard page on the kernel stack, so that it is only
possible to cause a crash.

CVE-2019-15902

Brad Spengler reported that a backporting error reintroduced a
spectre-v1 vulnerability in the ptrace subsystem in the
ptrace_get_debugreg() function.

For Debian 8 "Jessie", these problems have been fixed in version
4.9.189-3+deb9u1~deb8u1.

We recommend that you upgrade your linux-4.9 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

–
Ben Hutchings - Debian developer, member of kernel, installer and LTS teams
Attachment:
signature.asc
Description: This is a digitally signed message part

OSVersionArchitecturePackageVersionFilename
Debian9mipsellibcpupower1-dbgsym< 4.9.189-3+deb9u1libcpupower1-dbgsym_4.9.189-3+deb9u1_mipsel.deb
Debian10mipsata-modules-4.19.0-6-4kc-malta-di< 4.19.67-2+deb10u1ata-modules-4.19.0-6-4kc-malta-di_4.19.67-2+deb10u1_mips.deb
Debian10mips64elcrypto-dm-modules-4.19.0-6-5kc-malta-di< 4.19.67-2+deb10u1crypto-dm-modules-4.19.0-6-5kc-malta-di_4.19.67-2+deb10u1_mips64el.deb
Debian10mipssquashfs-modules-4.19.0-6-4kc-malta-di< 4.19.67-2+deb10u1squashfs-modules-4.19.0-6-4kc-malta-di_4.19.67-2+deb10u1_mips.deb
Debian10mips64elusb-modules-4.19.0-6-loongson-3-di< 4.19.67-2+deb10u1usb-modules-4.19.0-6-loongson-3-di_4.19.67-2+deb10u1_mips64el.deb
Debian8i386i2c-modules-3.16.0-10-686-pae-di< 3.16.74-1i2c-modules-3.16.0-10-686-pae-di_3.16.74-1_i386.deb
Debian10mipselsata-modules-4.19.0-6-octeon-di< 4.19.67-2+deb10u1sata-modules-4.19.0-6-octeon-di_4.19.67-2+deb10u1_mipsel.deb
Debian8i386event-modules-3.16.0-10-586-di< 3.16.74-1event-modules-3.16.0-10-586-di_3.16.74-1_i386.deb
Debian9amd64input-modules-4.9.0-11-amd64-di< 4.9.189-3+deb9u1input-modules-4.9.0-11-amd64-di_4.9.189-3+deb9u1_amd64.deb
Debian10mipselcrc-modules-4.19.0-6-octeon-di< 4.19.67-2+deb10u1crc-modules-4.19.0-6-octeon-di_4.19.67-2+deb10u1_mipsel.deb

OS	Version	Architecture	Package	Version	Filename
Debian	9	mipsel	libcpupower1-dbgsym	< 4.9.189-3+deb9u1	libcpupower1-dbgsym_4.9.189-3+deb9u1_mipsel.deb
Debian	10	mips	ata-modules-4.19.0-6-4kc-malta-di	< 4.19.67-2+deb10u1	ata-modules-4.19.0-6-4kc-malta-di_4.19.67-2+deb10u1_mips.deb
Debian	10	mips64el	crypto-dm-modules-4.19.0-6-5kc-malta-di	< 4.19.67-2+deb10u1	crypto-dm-modules-4.19.0-6-5kc-malta-di_4.19.67-2+deb10u1_mips64el.deb
Debian	10	mips	squashfs-modules-4.19.0-6-4kc-malta-di	< 4.19.67-2+deb10u1	squashfs-modules-4.19.0-6-4kc-malta-di_4.19.67-2+deb10u1_mips.deb
Debian	10	mips64el	usb-modules-4.19.0-6-loongson-3-di	< 4.19.67-2+deb10u1	usb-modules-4.19.0-6-loongson-3-di_4.19.67-2+deb10u1_mips64el.deb
Debian	8	i386	i2c-modules-3.16.0-10-686-pae-di	< 3.16.74-1	i2c-modules-3.16.0-10-686-pae-di_3.16.74-1_i386.deb
Debian	10	mipsel	sata-modules-4.19.0-6-octeon-di	< 4.19.67-2+deb10u1	sata-modules-4.19.0-6-octeon-di_4.19.67-2+deb10u1_mipsel.deb
Debian	8	i386	event-modules-3.16.0-10-586-di	< 3.16.74-1	event-modules-3.16.0-10-586-di_3.16.74-1_i386.deb
Debian	9	amd64	input-modules-4.9.0-11-amd64-di	< 4.9.189-3+deb9u1	input-modules-4.9.0-11-amd64-di_4.9.189-3+deb9u1_amd64.deb
Debian	10	mipsel	crc-modules-4.19.0-6-octeon-di	< 4.19.67-2+deb10u1	crc-modules-4.19.0-6-octeon-di_4.19.67-2+deb10u1_mipsel.deb