Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
Configuration 14 (hide)
AND |
|
Configuration 15 (hide)
AND |
|
Configuration 16 (hide)
|
Configuration 17 (hide)
|
Configuration 18 (hide)
AND |
|
Configuration 19 (hide)
|
15 Dec 2023, 15:29
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:* | |
First Time |
Netapp steelstore Cloud Integrated Storage
|
|
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQFY6JYFIQ2VFQ7QCSXPWTUL5ZDNCJL5/ - Mailing List | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/ - Mailing List |
12 Feb 2023, 23:35
Type | Values Removed | Values Added |
---|---|---|
Summary | A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. | |
References |
|
02 Feb 2023, 21:18
Type | Values Removed | Values Added |
---|---|---|
Summary | A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. In the worst case (and likely most common virtualization) scenario this flaw affects KVM/qemu hypervisor enabled hosts running Linux guests. | |
References |
|
|
02 Jun 2021, 15:44
Type | Values Removed | Values Added |
---|---|---|
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2854 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2869 - Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2019/09/24/1 - Mailing List | |
References | (DEBIAN) https://www.debian.org/security/2019/dsa-4531 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHBA-2019:2824 - Third Party Advisory | |
References | (CONFIRM) http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-qemu-en - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2828 - Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2019/10/09/7 - Mailing List, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2889 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2901 - Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2019/10/msg00000.html - Mailing List, Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2019/10/09/3 - Mailing List, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2827 - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YW3QNMPENPFEGVTOFPSNOBL7JEIJS25P/ - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2900 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2867 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2866 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2924 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2830 - Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQFY6JYFIQ2VFQ7QCSXPWTUL5ZDNCJL5/ - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2865 - Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html - Third Party Advisory, VDB Entry | |
References | (MISC) http://packetstormsecurity.com/files/154572/Kernel-Live-Patch-Security-Notice-LSN-0056-1.html - Third Party Advisory, VDB Entry | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20191031-0005/ - Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html - Third Party Advisory, VDB Entry | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/Nov/11 - Issue Tracking, Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html - Mailing List, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2863 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2864 - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html - Mailing List, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2862 - Third Party Advisory | |
References | (UBUNTU) https://usn.ubuntu.com/4135-1/ - Third Party Advisory | |
References | (BUGTRAQ) https://seclists.org/bugtraq/2019/Sep/41 - Issue Tracking, Mailing List, Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2899 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2829 - Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2019/10/03/1 - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* |
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* cpe:2.3:a:huawei:imanager_neteco_6000:v600r008c10spc300:*:*:*:*:*:*:* cpe:2.3:a:huawei:manageone:6.5.rc2.b050:*:*:*:*:*:*:* cpe:2.3:a:huawei:imanager_neteco:v600r009c00:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:* cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:* cpe:2.3:a:huawei:manageone:6.5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:* cpe:2.3:a:huawei:manageone:6.5.1rc1.b060:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:5.3:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300e:*:*:*:*:*:*:*:* cpe:2.3:h:netapp:aff_a700s:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700e:*:*:*:*:*:*:*:* cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:* cpe:2.3:a:huawei:manageone:6.5.0.spc100.b210:*:*:*:*:*:*:* cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410c:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:*:*:*:*:*:*:*:* cpe:2.3:a:huawei:imanager_neteco:v600r009c10spc200:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:* cpe:2.3:a:netapp:_steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:*:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500e:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:h:netapp:h300s:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:* cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:* cpe:2.3:a:huawei:manageone:6.5.1rc1.b080:*:*:*:*:*:*:* cpe:2.3:h:netapp:h610s:*:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:huawei:imanager_neteco_6000:v600r008c20:*:*:*:*:*:*:* |
Published : 2019-09-17 16:15
Updated : 2023-12-15 15:29
NVD link : CVE-2019-14835
Mitre link : CVE-2019-14835
CVE.ORG link : CVE-2019-14835
JSON object : View
netapp
- h700s_firmware
- solidfire
- h410s
- h500e_firmware
- data_availability_services
- steelstore_cloud_integrated_storage
- h500e
- aff_a700s
- h700e_firmware
- h300s
- h610s_firmware
- h700s
- h300e
- h700e
- h410s_firmware
- h500s
- h300s_firmware
- h410c
- h500s_firmware
- h300e_firmware
- hci_management_node
- aff_a700s_firmware
- service_processor
- h610s
- h410c_firmware
huawei
- manageone
- imanager_neteco_6000
- imanager_neteco
canonical
- ubuntu_linux
redhat
- virtualization
- enterprise_linux
- enterprise_linux_server_aus
- enterprise_linux_server
- enterprise_linux_desktop
- enterprise_linux_eus
- enterprise_linux_for_real_time
- enterprise_linux_server_tus
- enterprise_linux_workstation
- openshift_container_platform
- virtualization_host
opensuse
- leap
debian
- debian_linux
fedoraproject
- fedora
linux
- linux_kernel
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')